KEY RESPONSIBILITIES
Monitor user and system activity to identify suspicious activities leveraging on security systems.
Monitor network activity and investigate anomalous events and traffic trends
Check security monitoring status of systems on monitoring tools and initiate remediation of noted gaps.
Monitor alerts and alarms from security monitoring tools and initiate corrective actions
Configure and finetune security monitoring systems to make sure the Bank is sufficiently protected
Administer security tools ensuring optimal uptime and resource utilization
Investigate suspicious user and system events and identify breaches and root cause.
Mitigate intrusion attempts through proactive response to incidents.
Prepare manual and scheduled reports for various stakeholders
Research and stay up to date on technology and cybersecurity trends
DAILY RESPONSIBILITIES
Monitor event logs from various systems (firewalls, email, web and DNS, databases, etc) to identify suspicious activities for attacks, intrusions, and unusual, unauthorised, or illegal activity.
Perform incident drilldowns and investigations and escalate validated incident to designated incident response teams.
Follow up on security incidents with relevant support teams and ensure timely resolution.
Administer the performance, resource utilisation and overall health of the Bank's security monitoring tools.
Prepare and circulate SOC management reports and dashboards.
MINIMUM POSITION QUALIFICATION REQUIREMENTS
Academic and Professional
Education
Bachelor's Degree BSc. Information Technology / Computer Science / Cybersecurity / Engineering (Electrical, Electronic) or related field RQ
Professional Certifications
Information security certifications including, but not limited to:
Certified SOC Analyst (CSA)
Certified Incident Handler (E|CIH)
Certified Threat Intelligence Analyst (CTIA)
Certified Information Systems Security Professional (CISSP)
Certified Ethical Hacker (CEH)
PENTEST+
Security+
Certified Information Systems Auditor (CISA)
Certified Information Security Manager (CISM) AA
Particulars Detail Specific Field or Qualification Need Type
Any SIEM certification such as those from Splunk, IBM QRadar, LogRhythm, ArcSight, AlienVault, etc. AA
Any vendor-specific information security certification such as those from Palo Alto, Cisco, etc. AA
Master's Degree MBA / MSc Cybersecurity / Information
Systems Security / IT Security / IT AA
Experience
Total Minimum Number of Years of IT Experience Required 3
Detail Minimum No. of Years Need Type
Experience in Cybersecurity 2 ES
Experience in System/ Network/ Database or
Cloud Platform Administration, or Application Development 1 DE