Cyber Defense Analyst

Job Description

About the Team:

Are you eager to elevate your career to new heights? Join us for an exhilarating opportunity to pioneer our groundbreaking digital bank project, where boundless possibilities await!

We're thrilled to extend an invitation for you to join our vibrant team of visionaries, innovators, and trailblazers.

As a Cyber Defense Analyst of our digital bank project, we're not just offering a job; we're presenting an opportunity to be part of something extraordinary.

You'll collaborate closely with some of the sharpest minds in the industry, operating within a supportive and collaborative environment that fosters creativity and exploration.

Your next thrilling adventure awaits with our digital bank project. Join us in shaping the future, today!

About the Role:

• Our first line cyber security team and responsible for overseeing and managing the bank's cyber defense capabilities and strategies to protect against cybersecurity threats.
• A team of cybersecurity professionals and coordinating defense measures to ensure the security of the organization's information assets. 

What You'll Do:

• Develop and implement the organization's cyber defense strategy and roadmap in alignment with business objectives and risk appetite 
• Identify and prioritize cyber defense initiatives, projects, and investments based on the threat landscape and risk assessment
• Define and maintain cyber defense policies, standards, and guidelines to ensure consistent implementation of security controls
• Collaborate with stakeholders to understand business requirements and incorporate them into the cyber defense strategy
• Manage and lead the Threat Prevention teams of Perimeter & Network Security, Server, Endpoint & Mobile Security, Cloud Security and Data Loss / Leakage Prevention (DLP)
• Oversee plan, design, implementation, testing and operation of the cyber security processes and systems
• Work closely with the Head of Cyber Security to build and mature the Threat Prevention Strategy including tooling and processes
• Recognize, adopt and instill best practices in security engineering and operations through the threat prevention controls
• Manage and lead a team of cybersecurity professionals responsible for monitoring, detecting, and responding to cybersecurity threats
• Oversee the day-to-day operations of cyber defense systems, such as perimeter and network security, intrusion detection systems (IDS), endpoint detection and response (EDR) tools, and/or data loss prevention (DLP)
• Ensure effective incident response processes and procedures are in place, including incident triage, containment, investigation, and remediation
• Coordinate with internal teams and external partners for threat intelligence sharing and collaboration on incident response activities
• Monitor and analyze security event logs, network traffic, and system behavior for indicators of potential security incidents or breaches
• Implement and manage security monitoring tools and technologies to enhance threat detection capabilities
• Ensure compliance with relevant laws, regulations, and industry standards pertaining to cyber defense and incident response
• Collaborate with legal, compliance, and risk management teams to address cybersecurity and data protection requirements
• Conduct periodic security assessments and audits to assess the effectiveness of cyber defense controls and address any identified gaps
• Develop metrics and key performance indicators (KPIs) to measure and report on the effectiveness of cyber defense operations
• Foster collaboration and cross-functional cooperation with other teams, such as IT operations, security architecture, and incident response, to achieve common cybersecurity goals

What We're Seeking:

• Preferably with one or more of the related certification in the areas of Cyber Security/Information Security – CISSP, CEH, CISM, Comptia CYSA+, GIAC GCFA, GCTI, GCIH and GREM or other relevant certifications
• Familiarity with industry cybersecurity frameworks and standards, such as NIST Cybersecurity Framework, ISO 27001, and CIS Controls, is necessary. Understand the requirements and best practices outlined by these frameworks and be able to align security programs and practices accordingly. Familiar with local regulatory requirements such as BNM RMIT, Paynet, PCI-DSS
• In-depth knowledge and understanding of cybersecurity principles, best practices, and technologies are necessary. Have expertise in threat intelligence analysis, incident response, vulnerability management, and security operations. Stay abreast with the latest cyber threats, attack vectors, and mitigation techniques
• Strong experience in incident response planning and execution is crucial. Competent in leading and coordinating incident response efforts, conducting investigations, and implementing remediation measures. Experience in managing such as perimeter and network security, intrusion detection systems (IDS), endpoint detection and response (EDR) tools, and/or data loss prevention (DLP) is beneficial
• Proficiency in conducting security risk assessments, vulnerability assessments, and penetration tests is important. Experienced in identifying and assessing security risks, developing risk mitigation strategies, and implementing controls to protect against cyber threats.

What We Value:

• Open-mindedness and constructive communication, fostering an environment of mutual support and growth.
• Responsibility and ownership, with a strong sense of accountability.
• Commitment to teamwork and achieving shared goals.
• Customer focus and dedication to delivering results.
• A proactive approach to leading change and innovation.

Perks & Benefits

• Nearby public transport
• Central location
• Smart casual dress code
• Medical insurance
• Open culture