Job Purpose:

To lead the development, implementation, management and assurance of the group-wide cyber security in order to ensure banks customer, sensitive data is adequately classified and protected. 

Job Specific Accountabilities

Security Monitoring

• Ensure overall governance of operation, configuration, monitoring and implementation of log monitoring tool.
• Ensure the 24 X 7 SOC monitoring the group enterprise log management and review solutions
• Review and guidance on developing and managing advanced predictive analytics, correlation rules in group SIEM to detect cyber threat
• Plan & conduct various reviews like Privileged account usage, reputation, brand monitoring
• Plan and run the security incident management program in coordination with cyber security best practice
• Ensure all critical infrastructure and applications logs are integrated with central SIEM
• Provide guidance on secure configuration of systems and services exposed to Internet sources as well as on all cloud related projects
• Serve as the SME on Linux and Windows platform security in AWS environments and guide the establishment of security settings and policies
• Identify risks and provide guidance regarding remediation of gaps to facilitate a hardened and sustainable cloud environments

Data protection

• Ensure a framework for roles and responsibilities with regard to information ownership, classification, accountability and protection.
• Oversee data leakage prevention solution compliance across the group
• Ensure the development & review of data protection policies in compliance with best standards practices and regulations
• Ensure the complete assessment of the data protection requirements globally and coordinate with group international security function.
• Lead the data leakage prevention program with DLP tools and robust DLP management progress.
• Support SLA monitoring and reporting for international locations
• Roll out Data Classification solution across the group

Anti-Phishing Reputation Monitoring

•   Ensure highlighted incidents by Third party monitoring service are reviewed and acted in timely manner.
•  Highlight the incidents reviewed and escalated to the management on a periodic basis.
• Liaise with multiple teams during a critical incident detection and act swiftly following established process to resolve the incident within its SLA.
• Eliminate false positives highlighted by the tools prior to raising as an incident and ensure all due diligence is done.
• Liaise with the marketing communication team for an impact assessment on brand reputation.

Continuous Improvement

• Lead the identification of opportunities for continuous improvement and sustainability of systems, processes and practices considering global standards, productivity improvement and cost reduction.

Reporting

• Ensure that all department reports are prepared timely and accurately and meet Group requirements, policies and quality standards.

• Minimum Qualification
• Should have Degree or Master’s Degree in computer science or equivalent in related domain
• Certification like CISSP, CIPP/E or CISA is a must
• Good understanding of SIEM tools like ArcSight with minimum hands-on experience of 5 years on SIEM tools.
• Possess good Project Management skills
• Highly developed communication skills, both verbal and written

Minimum Experience

• 10 years’ relevant experience in the banking/financial sector with at least 3 years in similar positions of progressively increasing managerial responsibilities in the Information Security function.
• Scripting knowledge in creating correlation rules and connectors
• Managing Security Operation Center (SOC) and alerts and eliminate false positives