KEY RESPONSIBILITIES

• Implement, operate, and maintain cyber threat detection tools and capabilities. This includes applying patches and updates to the CISOC toolkit.
• Ensure full security monitoring coverage of the bank’s technological ecosystem – both on premise and in Cloud – by working with system owners to enroll their systems to Security Information and Event Management SIEM, Database Activity Monitoring DAM, Network Detection and Response NDR, and other CISOC platforms
• Perform threat modelling exercises to characterise real-world cyber risk scenarios. Develop and implement use cases to detect these cyber threats.
• Design and execute processes to continuously seek and receive feedback from the frontline Security Monitoring Analysts, Cybersecurity Specialist, Threat Hunting and Intelligence, and other important stakeholders about the efficacy and efficiency of detection logic. Use said input to devise, finetune, amend, test, and iterate use cases. Formulate metrics to track the same.
• Act as the cybersecurity logging and monitoring Subject Matter Expert SME in support of the bank’s IT projects. Provide thought leadership by setting forth requirements and ensuring adherence to Minimum Security Baselines MSBs on log composition and structure. Work with project teams to validate the same. Onboard systems to SIEM and DAM and craft relevant use cases as key prerequisites to project approval.
• Curate and sustain the CISOC’s library of living, detailed use case documentation
• Ensure that daily and weekly system checks for issues such as log source dormancy and system bottlenecks, and biannual OEM health checks are carried out for the CISOC toolkit SIEM, DAM, NDR, and any other CISOC tools. Pursue automation of repetitive, manual tasks.
• Conceive and create frameworks, guides, manuals, Minimum Security Baselines MSBs, and Standard Operating Procedures SOPs relating to log source onboarding, use case creation and maintenance, CISOC systems administration, and all other facets of SOC Engineering. Ensure the same are approved, applied, and followed through consistently.
• Evaluate the suitability of the CISOC toolkit. Research and propose new technology acquisitions to improve the CISOC’s overall detection proficiencies
• Participate in the analysis and remediation efforts of cybersecurity incident response and apply the learnings therefrom towards improving the bank’s threat detection competencies.

MINIMUM POSITION QUALIFICATION REQUIREMENTS

Academic & Professional

• Bachelor’s Degree
• BSc. Information Technology, Computer Science, Telecommunications, Electrical and Electronics Engineering, or related RQ
• Professional Qualifications Minimum 1 of the listed certificates for RQ

Information security certifications such as:

• Certified SOC Analyst CSA
• Certified Incident Handler E|CIH
• GIAC Certified Intrusion Analyst GCIA
• GIAC Certified Incident Handler GCIH
• GIAC Certified Forensic Analyst GCFA
• Certified Information Systems Auditor CISA
• Certified Information Systems Security Professional CISSP
• Certified Information Security Manager CISM
• At least one RQ
• Several are AA
• Master’s degree
• MSc. Cybersecurity, Information Systems Security, IT Security, IT, or related AA

Experience

• Total Minimum Number of Years of IT Experience Required    5 years

Detail Minimum No of Years Need Type

• Experience in Information Security/Cybersecurity 3 ES
• Experience in Security Operations Centre/security monitoring 2 ES
• Experience in cybersecurity tool administration DAM, EDR, NDR, SIEM, SOAR, WAF, XDR, etc. or Content/Detection/Security/SOC Engineering 2 ES
• Experience in the Financial Services Industry 1 DE
• Experience in a complex technological environment 2 DE