Preferred Candidate Background: coming from a consultancy agency - KPMG, Deloitte, etc.
How will performance be measured: project scorecard at the end of delivery
Selling Points of Position (CVP): great team to work with, building towards more modern security operations - opportunity to work with AI
Summary of day-to-day responsibilities:
Information Security Specialist (Cyber Security Incident Response Team)
Description:
Define, develop and/or implement Technology Controls / Information Security related policies, programs, tools and provide specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect the Bank.
May participate on projects of moderate to high complexity and provide complex reporting, analysis, and assessments at the functional, business line or enterprise level for own area.
You will work within the Cyber Security Incident Response Team (CSIRT), leading complex investigations, developing detection and hunting techniques, and strengthening our incident response capabilities.
Lead or contribute to containment and recovery plans for Cybersecurity Incidents.
Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement.
Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise.
Must-Have Hard Skills:
Experience implementing or optimizing Microsoft E5 security suite
Has experience with Microsoft ecosystem from a security perspective - E5 or E3, XDR, Sentinel
Experience building incident response playbooks and runbooks (knowledge and document management)
Soft skills:
Someone with PMP skill sets - deck creation, etc.
Strong communication skills - written and verbal
Someone who takes initiative and is creative with solving problems and coming up with solutions
Nice-To-Have:
Contribute low-level details for various automation tasks - XSOAR
Scripting knowledge with Python, creating custom APIs, etc.
Strategic optimization of a security operations center - traditional to modern platform approach