**Job Purpose **- The Bank has established Security Monitoring Process and Cyber Security Incident Response Process to detect and response to security incidents, and drive timely containment and remediation of the incident.**Key Responsibilities **- Handle escalated security incident investigation and response from Tier-1: SOC Analyst.- Oversight on security incident response activities performed by Tier-1: SOC Analyst.- Proactive service improvements of monitoring & response playbooks to include lessons learnt from past incidents and perform deep-dive analysis on identified/known Tools, Techniques and Procedures (TTPs) of the cyber-attacks.- Keep abreast on latest cyber security threats and vulnerabilities, in line with the changing Threat Landscape, Regulatory and Compliance requirements.- Validates and evergreen the cyber security incident response plans, playbooks and other relevant Standard Operating Procedures within Cyber Defence Centre.- Work closely with Service Management: Incident Management for collective response and situational awareness.- Participate in the cyber stress testing and Table Top Exercises (TTXs)- Utilizes and adheres to defined workflow and processes driving the Incident Response and mitigation efforts.- Collects supporting information and/or relevant artifacts in support of Incident Response activities.- Escalates and hands off to team members and leadership based on defined threat and priority determination.- Conducts technical analysis on impacted systems to determine impact, scope, and recovery from active and potential cyber incidents.- Leverages Forensics tools, techniques, and capacities to support Cyber Incident Response activities.- Documents results of cyber threat analysis and subsequent remediation and recovery in an effective and consistent manner.- Executes the Incident Response lifecycle and coordinating remediation activities throughout the Verizon organization and its lines of business as a part of Cyber Incident Handling.- Recommends solutions to optimize both technical and process/procedure aspects of the end to end incident lifecycle.- Produce security incident report- This position involves an "on-call" rostering component for escalated incidents.**Job Specification ***Qualifications**:- (Basic Degree/Diploma etc.)- Bachelor's Degree or Professional Qualification in the relevant discipline (IT / Computer Science)- Professional Qualification and/or Regulatory, Licensing requirements- Security certifications e.g. CISSP, EC-Council, SANS, etc. are preferred. Network certifications e.g. CCNA, CCNP, etc. are added advantages- Relevant Work Experience- 4++ years of experience in IT security, preferably in IT/Cyber security monitoring, incident response, threat intelligence analysis role of a banking environment**Required Competencies and Skills *Competencies/Skills- (Essential to succeed in this job)Technical/Functional skills- 3++ years of work experience in one or more of the following roles: SOC Analyst, Security Incident Response, Cyber Threat Hunter, Cyber Crime investigations, Cyber Threat Analysis, Cyber Threat Campaign Tracking.- Understanding of common operating systems and IT Infrastructure such as Windows, Unix/Linux, Active Directory, firewalls, proxies, etc.- Familiarity with automation concepts and proficiency in scripting languages such as Python, Perl, JavaScript, Powershell, etc.- Strong analytical skills and critical thinking skills- Effective communication skills (both written and verbal)- Strong organization, prioritization, and rationalization skills.Personal skills (Soft Competencies (Core/Leadership))- Highly results-oriented and can work independently.- Ability to build relationships and interact effectively with internal and external parties.- Ability to plan, organize and prioritize tasks.- Ability to work effectively as a team.- Good analytical, technical, written and verbal communication skills.
