Specialist, Cyber Threat Response - Kuala Lumpur, Malaysia - Standard Chartered Bank

    Standard Chartered Bank
    Standard Chartered Bank Kuala Lumpur, Malaysia

    2 weeks ago

    Standard Chartered Bank background
    Full time
    Description

    Role Responsibilities

  • Handle escalated security incident investigation and response from Cyber Threat Response Tier-1.
  • Be responsible for all stages of the incident response process; detection, collection, analysis, mitigation, and remediation - to appropriately respond to cyber security incidents.

    • Responsibilities

  • Handle escalated security incident investigation and response from Cyber Threat Response Tier-1.
  • Oversight on security incident response activities performed by Cyber Threat Response Tier-1.
  • Be responsible for all stages of the incident response process; detection, collection, analysis, mitigation, and remediation - to appropriately respond to cyber security incidents.
  • Proactive service improvements of monitoring & response playbooks to include lessons learnt from past incidents and perform deep-dive analysis on identified/known Tools, Techniques and Procedures (TTPs) of the cyber attacks.
  • Keep abreast on latest cyber security threats and vulnerabilities, in line with the changing Threat Landscape, Regulatory and Compliance requirements.
  • Validates and evergreen the cyber security incident response plans, playbooks and other relevant Standard Operating Procedures within Cyber Defence Centre.
  • Work closely with Cyber Defence Alliance (CDA) and Collective Intelligence & Command Centre (CnC) for collective response and situational awareness.
  • Cross collaboration and participate in joint investigations with Fraud, FCC/i3 and Property
  • Participate in the cyber stress testing and Table Top Exercises (TTXs)

    • Strategy

  • Keep abreast on latest cyber security threats and vulnerabilities, in line with the changing Threat Landscape, Regulatory and Compliance requirements.

    • Business

  • Take client-centric approach, supporting business in minimising risks from cyber threats.

    • Processes

  • Ensure adherence to all internal and external policies, procedures and regulations.

    • People & Talent

  • Lead through example and build the appropriate culture and values. Provide guidance and oversight to Tier-1 analysts and junior colleagues.

    • Risk Management

  • Be aware of, identify and escalate all risk issues and concentrations in accordance to the firm's Group Information and Cyber Security Policy. Where appropriate, direct remedial action and/or ensure adequate reporting to Risk Committees.

    • Governance

  • Promote an environment where compliance with internal control functions and the external regulatory framework is a central priority of the service.

    • Regulatory & Business Conduct

  • Display exemplary conduct and live by the .
  • Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
  • Effectively and collaboratively identify, escalate, mitigate, and resolve risk, conduct and compliance matters.

    • Key stakeholders

  • CISO, Security Monitoring and Alerting, Major Incident Management, Problem Management

    • Other Responsibilities

  • This position involves an "on-call" rostering component for escalated incidents.

    • Our Ideal Candidate

  • Diploma or Bachelor Degree in Engineering, Computer Science/Information Technology or its equivalent
  • GAIC Certified Incident Handler (GCIH) and CERT Certified Computer Security Incident Handler (CSIH) would be a plus.

    • Role Specific Technical Competencies

  • 5+ years of exposure in IT Incident Management, Incident Handing and Incident Response within a Tier 1 banking organization and advantage in a command centre environment (SOC).
  • Extensive knowledge and experience with security technologies including; EDR, IDS/IPS, Firewalls & Log Analysis, SIEM, Anti-Virus, Malware Protection, Network Packet Analyzer.
  • Strong knowledge of current threat landscape including common attack types, malware capabilities and recent well publicised security incidents
  • Experience in team management
  • Experience in managing critical and high impact situations related to technology failure
  • Technology support experience in hardware / software SME L2-3 levels
  • High degree of logical, analytical, & communication skills
  • English to an excellent standard – both written & oral
  • Strong ethics, loyalty and understanding of inclusiveness
  • Ability to deliver consistent results under pressure
  • Demonstrated - New Ways of Thinking 'apex' leadership