About the Team:
Are you eager to elevate your career to new heights? Join us for an exhilarating opportunity to pioneer our groundbreaking digital bank project, where boundless possibilities await!
We're thrilled to extend an invitation for you to join our vibrant team of visionaries, innovators, and trailblazers.
With the Cyber Threat Analyst role on our digital bank project, we're not just offering a job; we're presenting an opportunity to be part of something extraordinary.
You'll collaborate closely with some of the sharpest minds in the industry, operating within a supportive and collaborative environment that fosters creativity and exploration.
Your next thrilling adventure awaits with our digital bank project. Join us in shaping the future, today!
About the Role:
- A team player, responsible for monitoring, detecting and responding to potential threats against the Bank’s data and infrastructure.
- In a team for Threat Management and Intelligence and Security Incident Management.
- In managing cyber threat and defence roles.
What You'll Do:
- Develop and execute strategies to identify, assess, and mitigate cyber threats and vulnerabilities. Stay updated on the latest cyber threats, attack vectors, and security trends to proactively protect the organization's systems and data
- Work closely with the Head of Cyber Security to develop the cyber threat roadmap and plans that drive continuous improvement in maturity and capability, implement new technology enhancements, and define measurable operations and efficacy metrics.
- Collect and analyze threat intelligence from various sources to identify potential cyber threats and risks. Monitor security systems, logs, and alerts for suspicious activities and respond to security incidents in a timely manner
- Lead incident response efforts during cyber security incidents. Coordinate with internal teams and external stakeholders to contain, investigate, and remediate security incidents. Develop and maintain incident response plans and playbooks
- Conduct regular security risk assessments and penetration tests to identify vulnerabilities in the organization's infrastructure, applications, and systems. Provide recommendations for risk mitigation and work with relevant teams to address identified weaknesses
- Collaborate with cross-functional teams, such as IT, legal, compliance, and risk management, to ensure a coordinated and effective response to cyber threats. Communicate and report on cyber threat landscape, incident response activities, and security posture to senior management and stakeholders
- Provide strong technical guidance on tactical and operational threat hunting and intelligence operations
- Establish, maintain and lead the improvement of SOPs for the teams, including but not limited to the Cyber Incident Response Procedure, Threat Hunting and Intelligence Procedure, SOC Procedure and Digital Forensic Procedure
- Work closely with the Security Architecture & Engineering team for implementation of security tools and controls
- Train the team and new hires, manage staffing levels and performance, and create a development plan to improve the team's technical skill set as it matures.
What We're Seeking:
- Preferably holds one or more related certifications in Cyber Security/Information Security: CISSP, CEH, CISM, CompTIA CySA+, GIAC GCFA, GCTI, GCIH and GREM, or other relevant certifications
- Preferably familiar with cloud native systems and defence
- Familiarity with industry cybersecurity frameworks and standards, such as NIST Cybersecurity Framework, ISO 27001, and CIS Controls, is necessary. Understand the requirements and best practices outlined by these frameworks and be able to align security programs and practices accordingly. Familiar with local regulatory requirements such as BNM RMiT, PayNet, PCI-DSS
- In-depth knowledge and understanding of cybersecurity principles, best practices, and technologies are necessary. Have expertise in threat intelligence analysis, incident response, vulnerability management, and security operations. Stay abreast of the latest cyber threats, attack vectors, and mitigation techniques
- Strong experience in incident response planning and execution is crucial. Competent in leading and coordinating incident response efforts, conducting investigations, and implementing remediation measures. Experience in managing threat intelligence platforms, security information and event management (SIEM) systems, and other security tools is beneficial
- Proficiency in conducting security risk assessments, vulnerability assessments, and penetration tests is important. Experienced in identifying and assessing security risks, developing risk mitigation strategies, and implementing controls to protect against cyber threats.
- Excellent communication and leadership skills are vital. Able to effectively communicate complex technical concepts to both technical and non-technical stakeholders. Have the ability to lead and motivate a team, collaborate with cross-functional teams, and provide guidance during security incidents
- Strong analytical skills and the ability to think critically. Able to analyze and interpret security data, identify patterns, and make informed decisions. Possess excellent problem-solving skills to address complex security challenges and incidents
- Given the rapidly evolving cybersecurity threat landscape, continuous learning and staying updated with emerging threats and technologies is crucial
What We Value:
- Open-mindedness and constructive communication, fostering an environment of mutual support and growth.
- Responsibility and ownership, with a strong sense of accountability.
- Commitment to teamwork and achieving shared goals.
- Customer focus and dedication to delivering results.
- A proactive approach to leading change and innovation.