Senior Specalist, Cyber Response Playbook
About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.
The Role Responsibilities Purpose:
- Security Technology Services (STS) is a critical function within Standard Chartered Bank operating under the overall purview of "Technology Services" .
- The STS team is made up of cyber security thought leaders, who are accountable for the provision of a global set of cyber security services and products in order to maintain and continuously improve Bank's cyber security posture in today's ever evolving cyber security landscape.
- The STS team protect the Bank from cyber security threats by delivering effective information security technology services, managing and responding to security incidents to ensure, and support the continuity and growth of Bank's business operations; and meet the both internal and external stakeholders' expectations across 70+ countries and territories, in which SCB operates.
- As part of the Security Transformation activities within SCB, a new Cyber Threat Response Tier-2 within the Cyber Defence Centre is being created. This requires a highly skilled and experienced Cyber Security Professional in cyber threat analysis, security incident response & handling and security investigation & forensics.
- Handle escalated security incident investigation and response from Cyber Threat Response Tier-1.
- Oversight on security incident response activities performed by Cyber Threat Response Tier-1.
- Proactive service improvements of monitoring & response playbooks to include lessons learnt from past incidents and perform deep-dive analysis on identified/known Tools, Techniques and Procedures (TTPs) of the cyber attacks.
- Keep abreast on latest cyber security threats and vulnerabilities, in line with the changing Threat Landscape, Regulatory and Compliance requirements.
- Validates and evergreen the cyber security incident response plans, playbooks and other relevant Standard Operating Procedures within Cyber Defence Centre.
- Work closely with Cyber Defence Alliance (CDA) and Collective Intelligence & Command Centre (CnC) for collective response and situational awareness.
- Cross collaboration and participate in joint investigations with Fraud, FCC/i3 and Property
- Participate in the cyber stress testing and Table Top Exercises (TTXs)
Competencies (knowledge & skills):
- Security Technology Services - Service Managers (Heads) and Service Operations Managers
- Technology Services - Service Managers (Heads) and Service Operations Managers
- Office of the CISO, Group Operational Risk and other Risk & Compliance teams
- Internal and external stakeholders including Technology Services and Business functions, and vendors
- 10-15 years of more experience in Information and Cyber Security, preferably from Banking and Financial Services industry
- Strong analytics capability, demonstrated ability to solve complex problems and develop innovative solutions
- Strong knowledge of current threat landscape including common attack types, malware capabilities and recent well publicised security incidents
- Experience in security investigation and forensics would be a plus
- Strong knowledge and experience with security technologies including IDS/IPS, Firewalls & Log Analysis, SIEM, Anti-Virus, Malware Protection, Network Packet Analyzer.
- Strong knowledge of UNIX, Windows and Web security. Knowledge of APT response and defence would be an advantage.
- Strong sense of personal ownership and responsibility in accomplishing the organisation's goal. Shows confidence and will roll-up his/her sleeves to drive success
- Able to get things done in a quick-paced environment. Be transparent and open around what doesn't work and what does
- Excellent communication skills - oral, written and presentation; technical reporting writing across various types of tareget audiences.
- Good working knowledge of software application: Outlook (advance), Word (advance), Powerpoint (advance), Excel (advance)
- Diploma or Bachelor Degree in Engineering, Computer Science/Informaiton Technology or its equivalent
- GAIC Certified Incident Handler (GCIH) and CERT Certified Computer Security Incident Handler (CSIH) would be a plus.
Apply now to join the Bank for those with big career ambitions.