Lead - Threat Management and Advisory

JOB PURPOSE

To manage and implement ADCB’s cyber security and incident response strategy by designing and implementing security measures, conducting vulnerability assessment and monitoring and managing the response to cyber security incidents to ensure bank operates within a pre-defined risk appetite to mitigate any foreseeable cyber security threats

ACCOUNTABILITIES

Technical and Cyber Security Advisory

• Evaluate technical risk, design, architecture, feasibility analysis, vendor review and security controls of all infrastructure technologies and business systems being implemented in the bank
• Manage programmes and projects to implement new information security products, tools, and innovations that would augment the controls and improve user experience
• Research the latest trends in threats, threat actors, industry security news, global security incidents and trends to ensure that the bank is protected against similar scenarios and design, develop and implement technical information security frameworks in line with the required standards

Vulnerability Management

• Manage and implement the vulnerability management lifecycle and penetration testing on the banking infrastructure and systems to ensure that all the bank’s technology systems are continuously protected against threats
• Manage the implementation of information security policies, procedures and technical standards to prevent unauthorised disclosures, unauthorised use, inappropriate modification, premature deletion and unavailability of data and business/infrastructure systems
• Develop and ensure technology baselines for the secure management of systems across all platforms, including development and maintenance of encryption standards, intrusion detection strategy, and network authentication

Security Operation Centre

• Manage an effective internal Security Operations Centre to ensure effective monitoring is carried out by SOC staff for any unauthorised use or leakage of sensitive data from the bank, phishing attacks, social media abuse and other malicious activities that could bring about a reputational damage for the bank or unauthorised access to bank’s critical systems
• Build capabilities within the SOC for advanced malware analysis, forensics and detection of advanced persistent threats

Monitoring

• Design and implement a continuous monitoring strategy for the bank’s information systems according to the threat landscape for evidence of malicious activity or intrusion attempts
• Run programmes for the implementation of automated tools to bring efficiencies log collection, correlation, and analysis tools for effective monitoring of security
• Provide advisory services to business and infrastructure projects on maintaining adequate audit trails so that sufficient evidences of computerised business activities exists to reconcile accounts
• Detect frauds, identify unauthorised access attempts and breaks ins and quickly resolve problems to maintain secure and reliable information systems within ADCB

Incident Response

• Create and oversee crisis and emergency management practices and provide in-depth technical advice for investigations of information security incidents such as internal frauds and hacker break-ins, ensuring root cause analysis is performed to identify and recommend corrective actions to prevent similar incidents from reoccurring
• Manage the SIRT (Security Incident Response Team) to conduct full coordinated cross functional response to major security incidents and lead the actions to a full&

EXPERIENCE, QUALIFICATIONS & COMPETENCIES

• At least 12 years of experience in a banking industry or similar environment, with 5 years of related managerial experience
• Bachelor’s degree in Computer Science or equivalent
  Professional Certifications such as CISSP, CISA, SANS GIAC, CEH (mandatory)
• In-depth knowledge in information security, specifically in risk/vulnerability assessment, data classification and industry standard frameworks such as ISO 27001, PCI-DSS
• Thorough knowledge of firewalls, network components, protocols, intrusion prevention systems, antivirus software, web content filtering, database products
• Sound understanding of the vulnerabilities in operating systems, databases and major applications and the technical knowledge necessary to mitigate these
• Working knowledge experience of banking operations and related problems
• Strong awareness of application security requirements and techniques
• Extensive experience in enterprise security architecture design, vulnerability management
• Knowledge and ability to apply risk management techniques to security policy enforcement and compliance