To face the ever evolving threats we are evolving and expanding Group Security & Business Resilience.As a global critical financial infrastructure, the protection of information and assets is fundamental to the company’s business. Security is at the core of our services, firmly embedded in the management systems and processes of the company. You will be joining our Group Cyber Security department in charge of putting in place the required controls to adequately and effectively protect our information assets.
You are a subject matter expert generate and disseminate contextual and actionable security threat and exposure information and subsequent reporting. You provide expert advice, priorities and follow-up on potential remedial actions. You interact with managerial as well as highly technical staff within and external.
•Management of the Cyber Security Incident Management to ensure timely mitigation and escalate to appropriate incident resolver groups and leadership as required;
•Manage the third-tier incident handling – remediation in collaboration with the IT resolver team;
•Execution of forensic investigations into potential or confirmed incidents in alignment with company guidelines.
•Execution of “malicious document”/ malware analysis to ensure timely proactive mitigation
•Owns the incident and leads the resolution, even the most complex, critical and sensitive cases.
•Identify any incident/request that requires increased focus and actions necessary to meet committed service levels.
•Management of incidents including containment, analysis, remediation and reporting; including stakeholder communications.
•Develop and maintain close working relationships with centrally and locally-based device owners, business stakeholders, business/application/solution architecture, application, IT & operational teams.
•Collaborate and work with Threat Intelligence and the SOC personnel to develop integrated incident management processes
5+ years of Information Security related experience
2+ years of hands-on experience in incident response
Good knowledge of at least of these Operating Systems : Windows, Unix/Linux
Good knowledge of networking (TCP/IP)
Good knowledge of forencis technique and process
Good knowlefge of evidence collection, including chain of custody
Capability to ensure confidentiality and discretion in performing sensitive tasks
Good security mindset;
A team-focused mentality with ability to work & collaborate effectively in a team environment;
Sense of urgency and able to apply risk based approach to prioritize work;
Strong analytical skills;
Strong verbal and written communication skills;
Strong ability to adapt & learn
Able to work autonomously
Motivated to learn new technologies and come up with process improvements and efficiencies
Reporting and continuous improvement mindset
A sense of humor
certifications GIAC Certified Incident Handler (GCIH), Forensic Analyst (GCFA), Forensic Examiner (GCFE), or other equivalent technical certifications ;
Knowledge of following technologies and processes :firewalls, IDS, proxy, WAF, Active Directory, antivirus, patch management, ...
Knowledge in Python Scripting
Knowledege of zOS ; Tandem
Experience with vulnerability management & threat management, vulnerability scanning , Data Loss Prevention (tools and processes)
Knowledge of IDA or other decompilation tools