DUTIES & RESPONSIBILITIES
- Build and maintain in-house CSIRT capabilities.
- Manage the BAU on Emergency Response and Logs & Detection topics.
- Manage relationships with vendors and stakeholders for specific change activities / tools.
- Build and operate CSIRT use cases, in close coordination with other security functions and technology teams.
- Lead Threat Hunting exercises to prevent security incidents, and analyze actual incidents and alerts.
- Build the Threat Intelligence capability by utilizing internal and external data sources.
- Provide input to the department's management in order to enhance the information security response process.
- Contribute to the implementation of policies and procedures in day-to-day business activities, such as Control Testing Review and Update Incident/Alert Management Procedure.
- Contribute to the reporting of all incidents according to the Incident Management System.
- Contribute to the improvement of tools to follow up on Security Incidents.
- Contribute to the evolution/implementation of Incident Security procedures.

REQUIREMENTS
- Tertiary education in Computer Science, Information Systems, Cyber Security, or other relevant fields.
- 3+ years of experience in IT Security, with at least 1 year of experience as a SOC/CSIRT Manager, is a must.
- Sound knowledge of Security Operations, Threat Hunting, Digital Forensics and Cyber Defense is a must.
- Capability to manage multicultural teams is a must.
- Experience working in an international and complex financial environment, dealing with both business constraints and IT users across countries, is a plus.
- Excellent communication and advocacy skills, both verbal and written, with the ability to express complex technical issues in an easily understood manner.
- Holding a GMON, GSOM, CISSP or other relevant certification(s) is a plus.
- Knowledge or experience of Cloud Environment and DevOps is a plus.