Information Security Specialist - AVP
Details of the Division and Team:
The Global Cyber Security Operations Center operates 24x7x365 in a follow-the-sun mode and is responsible for enabling the business of the bank by providing agile, implementable and cost-effective cutting edge Cyber Security Operational and Security Incident Response services to protect DB's data assets, customers and partners
What we will offer you:
A healthy, engaged and well-supported workforce are better equipped to do their best work and, more importantly, enjoy their lives inside and outside the workplace. That's why we are committed to providing an environment with your development and well-being at its center.
You can expect:
- Flexible benefits plan including virtual doctor consultation services
- Comprehensive leave benefits
- Gender Neutral Parental Leave
- Flexible working arrangements
- 25 days of annual paid leave, plus public holiday & Flexible Working Arrangement
Your key responsibilities:
- The SOC Security Incident Manager is the responsible person for the management of security incidents during all stages of the security incident management process including in-depth analysis.
- Therefore the SOC Security Incident Manager will evaluate escalated security alerts from the SOC Cyber Threat Response Analysts, assess the security and business risk associated with a security incident, coordinate containment, eradication, recovery, investigation and response measures and ensure appropriate tracking, documentation, closure and post incident reporting and review of incidents.
- The SOC Security Incident Manager will lead the communication during and after an incident (management reporting, communication with relevant stakeholders).
- In addition the SOC Security Incident Manager will provide guidance and training for the SOC Cyber Threat Response Analysts and Senior SOC Cyber Threat Response Analysts, develop and maintain Security Incident Response plans and contribute to the enhancement of the incident detection, analysis and response capabilities of the Bank.
Your skills and experience:
- 7-10 years of security experience in a technical role, mainly in the area of Intrusion Detection Systems, Platform and/or Network security
- Strong security background (understanding risk assessment, legal and regulatory requirements, threats, vulnerabilities, security policies etc.)
- Excellent technical understanding of enterprise grade technologies including security devices, network engineering, operating systems, databases and applications and their security settings and configurations
- Ability to read and understand system and network traffic data including security event logs, system logs, application logs, etc.
- Demonstrate prior experience in scripting languages, software vulnerabilities, hacking techniques, exploits, malware, forensics and/or reverse engineering
- Comprehensive knowledge of the threat landscape, adversary tactics, techniques, and procedures (TTP), general attack stages, kill-chain and attack types
- Broad knowledge and proven experience in incident handling and incident response methodologies
- Excellent knowledge of network security technology and various detection, analysis, troubleshooting and configuration control tools (e.g. SIEM, NIDS; DAM, Big Data Analytics, Log file and network traffic analysis, vulnerability scanner)
- Possess unimpeachable personal and professional integrity
- Excellent verbal and written communication skills (English language)
- Strong analytical and problem-solving skills and conceptual knowledge
- Experience of working in high performing teams and understand the dynamics of teamwork in an international SOC environment
- Ability to maintain analytical, accurate, targeted and highly flexible working mode under pressure
- Ability to be on-call afterhours on a regular and recurring basis
- Ability to take initiative and ownership of incidents from reporting to resolution
- Leadership skills for motivation and developing other SOC roles, managing stakeholders and enhancing and optimizing SOC capabilities
- Aptitude and authority for decision making, communication and execution Certifications:
- University degree in Computer Science or similar
- Relevant Security certifications (e.g. GCIH, GCIA, ECIH, CEH, OSCP, OSCE, GCFA, CSIH, CISSP) and technical certifications (e.g. CCNP, MSCE) are required
How we'll support you:
- Flexible working to assist you balance your personal priorities
- Coaching and support from experts in your team
- A culture of continuous learning to aid progression
- A range of flexible benefits that you can tailor to suit your needs
- Training and development to help you excel in your career