Job title: Assistant Manager, Cyber Security (UAEN)
Company: Commercial Bank of Dubai
Job description: Description:
Operating in the UAE for over 50 years, CBD manages the financial requirements of some of the largest corporates and businesses operating in the country, driving the UAE economy. Over the years, CBD has transformed into a progressive and modern banking institution winning multiple awards for its digital initiatives, credit cards, bank accounts, mobile app features and services.
CBD has been recognized as the number one bank in the UAE on the Forbes list of The World’s Best Banks 2022.
As we continue to build upon our successes, we are looking for ambitious individuals who are passionate about the banking and finance industry and the markets in which CBD operates. Just as important to us is your ability to demonstrate a talent for dealing with people – your colleagues and our customers – and delivering service that really goes the extra mile.
Work primarily as part of the Security Monitoring and Incident Response Team, interacting with internal and external stakeholders. As well as, Support and work closely with the Head of Technology Risk in the implementation of proactive security monitoring processes, identifying/suggesting measures for monitoring and building security metrics with respect to IT risks in all business functions.
Act as technical support resource in a number of important Technology Risk activities, including Security Risk Assessments, Security Compliance Reviews and Independent Security Assessments
- Primarily manage and coordinate activities related to information security monitoring and incident response and regularly reviewing security metrics, reports, dashboards and alerts
- Good understanding of the SIEM, Cloud Solutions, Endpoint Security, Perimeter Security Email Security and Data loss prevention technologies such as Firewalls, IPS, NAC, WAF, Email Sandbox, Antivirus, EDR, DLP, Data classification and packet capture technology solutions.
- Splunk – Prior experience with Splunk Search and Reporting or Splunk Enterprise Security. Knowledge and experience creating searches, correlation rules and notables. As well as, Azure and other Security solutions.
- Perform daily log review in Splunk of all Security devices and Servers logs for availability and alerting if the devices are not reporting or not receiving the logs from these devices.
- Manage a team of security specialists who does the security operation on daily basis.
- Making strategic decisions and providing leadership and direction to Security Specialists and Engineers.
- Ensure prompt response to security incidents, escalating high-severity items to Head of Technology Risk and Head of Operational Risk
- Ensure all the alerts from Digital and Social media reputation alerts are addressed on time and communicated internally
- Perform security and architecture assessment and reviews, at different levels (i.e. network, IT assets, etc.) and ensure that identified risk is managed in accordance with the IT Risk Management program.
- Responsible for the development of appropriate information security policies, standards, procedures, checklists, and guidelines using generally – recognized security concepts tailored to meet CBD requirements and ensuring regular review of information security policies.
- Identify potential areas of vulnerability and risk; develop/implement corrective action and remediation plans.
- Assist the Unit in managing third parties and services providers, including preparation of RFP (Request for Proposals), definition of SoW (Scope of Work)
- Follow the internal CBD project management methodologies and standards, applying them to all engagements with third parties.
- Translate raw security events and incidents into meaningful business-relevant information, clearly highlighting the business impact and recommending remediation actions.
- Independently manage different technical assignments, involved in the evaluation and selection of third party vendors and solutions.
- Interact regularly with internal and external stakeholders, representing the Unit in different occasions.
- Manage security technologies and products to support Technology Risk projects and initiatives and Core focus on driving cyber security vision and roadmap on organization strategies
- Prepare Security Architecture design documents i.e. HLD(High level Design) and LLD(Low level Design) for review and better understanding.
- Detailed understanding of security architecture / design best practices, processes, risk assessment, planning, project management, documentation and presentation in Cyber Security environment.
- Oversee the operations of Information and Data security including business continuity, Threat hunting and intelligence
- Oversight, overlook execution of all required penetration tests, incident analysis and Forensic analysis, data loss analysis and other related investigations
- Work with security architects on providing active defense and proactive plans to enhance the security standards and posture
- Translate complex ideas at the intersection of Data Science, Analytics and Cyber Security Research to production ready features in our product
- Identify security design gaps in existing security solutions and proposed architectures and recommend changes or enhancements.
- Ability to work independently and in a team environment with both the local and global information security teams, Compliance and Legal teams
- Conduct comprehensive risk assessments in order to identify all issues and track them via implementing risk management methodologies
- Provide oversight of Cyber security solutions implementation including all activities, outputs, and outcomes related to project management and administration, including reporting, execution of project plans, and project performance
Experience and Qualifications
- Minimum 7 years as information security professional.
- IT Security and Information Security project management experience.
- Experience administering Information and IT security solutions and network devices.
- Degree preferably in Computer Science
- Strong technical background in IT Security, Information Security and Risk Management.
- ·Security certifications required (CISSP\CISM\CRISC\SANS etc)
- Supporting Certifications CEH, Comptia Security+, RHCSA, CoBIT, CGEIT, ISO 27001
- Knowledge of IT Security technologies/solutions, networking protocols, etc
- Able to interact effectively with all levels of a diverse team
- Skills in IT Governance, Risk Management (risk assessments) and Compliance
- Excellent analytical & interpersonal skills
- Manage multiple priorities
Job date: Thu, 06 Jul 2023 00:05:23 GMT
Apply for the job now!