• Competitive
  • Warsaw, Mazowieckie, Poland
  • Permanent, Full time
  • Standard Chartered Bank
  • 2019-04-20

VP-Cyber Threat Hunting

Job Description - VP, Cyber Threat Hunting

ROLE

Business Title: VP, Cyber Threat Hunting
Grade: 5A
Business Unit: ITO, Technology Services, Security Technology Services
Job Family: Security Technology Services
Location: Warsaw, Poland

REPORTING RELATIONSHIPS:

Reports Directly to: Head, Cyber Defence Centre

PURPOSE:

Security Technology Services (STS) is a critical function within Standard Chartered Bank operating under the overall purview of "Technology Services".

The STS team is made up of cyber security thought leaders, who are accountable for the provision of a global set of cyber security services and products in order to maintain and continuously improve the Bank's cyber security posture in today's ever-evolving cyber security landscape.

The STS team protects the Bank from cyber security threats by delivering effective information security technology services and by managing and responding to security incidents, to ensure and support the continuity and growth of the Bank's business operations and to meet both internal and external stakeholders' expectations across the 70+ countries and territories in which SCB operates.

As part of the Security Transformation activities within SCB, a new Cyber Threat Hunting service within the Cyber Defence Centre is being created. This requires a highly skilled and experienced Cyber Security Professional in data analysis, threat intelligence, and cutting-edge security technologies.

RESPONSIBILITIES:
· Build, lead and manage the Cyber Threat Hunting capability to combat advanced and targeted attacks
· Provide leadership, guidance and oversight to drive Cyber Threat Hunting maturity improvements across STS, in line with the changing Threat Landscape, Regulatory and Compliance requirements
· Proactive identification of abnormal/malicious activity on the network and advanced cyber threats that evade our security controls, guided by internal and external threat intelligence
· Perform research, attribution and analysis of the cyber threats
· Assess the threat's intent, capability and opportunity to do harm, and how these overlap with controls around the cyber kill chain, while explaining the "Who, What, Where, When, Why and How."
· Develop tools and techniques to identify cyber threats, suspicious/anomalous activity, fileless malware, etc.
· Responsible for participating in threat actor based attribution and investigations, creating new detection methodologies, and providing expert support to incident response and security monitoring functions
· Provide expert analytics investigative support of large scale and complex security incidents, when required

KEY STAKEHOLDERS:
· Security Technology Service - Service Managers (Heads), Service Operations Managers
· Internal and external stakeholders including Technology Services and Business functions, and vendors

COMPETENCIES (KNOWLEDGE & SKILLS):
· 10 years or more experience in Information and Cyber Security
· Internal & external situational awareness and intelligence-led hunting and analytics experience
· Must understand typical threat actor profiles, the typical indicators associated with those profiles, and be able to synthesize the two to develop innovative techniques to detect threat actor activity
· Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors
· Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms
· Strong experience with digital forensics on host or network from a malware perspective, ability to identify anomalous behavior on network or endpoint devices
· Experience with information security tools such as an enterprise SIEM solution, IDS/IPS, endpoint security, and security monitoring solutions
· Self-starting, organized, proactive, and requiring minimal management oversight
· Excellent communication skills - oral, written and presentation; technical report writing across various types of target audiences.
· Diploma or Bachelor Degree in Engineering, Computer Science/Information Technology or its equivalent
· Relevant security certifications; CISSP and GCIH or GCIA