Specialist, Cyber Security & Vulnerability at Standard Bank Group

Job Purpose

To provide expert professional knowledge and technical skills within a specialist area. To execute the bank's information security initiatives, enabling management to make the appropriate decisions and monitoring the protection of sensitive data and systems.

Key Deliverables 

• Act as a trusted adviser for technology across the Group and stakeholders.
• Adhere to and implement the relevant technology standards developed by the wider IT Function.
• Adhere to Group minimum standards for vendor selection and participate in the selection of the most appropriate vendor with required expertise.
• Advise on and contribute to required targets and budgets to support the setting of reliable and realistic targets and budgets.
• Build and develop relationships across the different internal IT teams and with various stakeholders so that the business unit remains involved and aware of internal developments.
• Collaborate with a variety of stakeholders from different areas of expertise to positively influence the cyber threat identification outcomes, considering information security goals and requirements.
• Consider various attack scenarios and identify appropriate controls, by working with architects and software engineers to specify how information security technologies should be implemented.
• Design and implement quarterly operational plans and the practical application thereof, and ensure that operational plans are clearly articulated and are understood.
• Design complex detection rules, correlating multiple system information sources, based on proven hypotheses, with appropriate insight into business processes.
• Design pro-active monitoring and maintenance support processes, to ensure confidentiality, integrity and availability of services and underlying platforms to minimise information security incidents in accordance with the bank's risk appetite, identifying appropriate implementation activities.
• Design the automation and/ or integration of repeatable tasks, recommend for implementation as appropriate.
• Design, scope, execute and document threat hunts to determine if malicious activity exists within the environment, notify the incident response team as appropriate.
• Drive detection and response maturity by designing and recommending security operation centre control improvements.
• Evaluate and optimise Information Security spend on a regular basis, exercising financial prudence and maximising value where possible.
• Execute threat hunts in pursuit of investigating active breaches, as requested by the incident response team and other appropriate stakeholders.
• Guide and review the process of digitising and/ or automating of standard operating procedures indicated to contain security risks and optimise efficiencies.
• Identify new or changed information security developments, trends and products, share with team to continually develop information security knowledge and expertise, optimise information security operations and drive efficiencies.
• Include the learnings from cyber-security incidents, offensive exercises, targeted attack simulations into threat hunts and attack use cases.
• Lead and coordinate working groups from a variety of business areas to ensure a unified outcome for specific work requirements.
• Lead the review of detection rules, assessing false positives and improve efficacy of detection rules and minimise future false positives, design improvements required, implement accordingly.
• Participate and provide input to group-wide operational plans and the practical application thereof, and ensure that operational plans are clearly articulated and are understood.
• Participate in post incident analysis (both cyber and operational), identify control weaknesses and include remediations in planning and scoping activities, requesting support from more senior team members when required.
• Propose policies, processes and systems for implementation, drive implementation once approved in order to facilitate the management of risks.
• Prototype and pilot proposed information security solutions or capabilities to identify viability of new developments.
• Provide ad-hoc advice, and technical assistance to non information security teams.
• Provide ad-hoc advice, assistance, coaching and/ or mentoring to team mates so that their developmental needs are identified and met.
• Research and analyse threat intelligence information to hypothesize potential threats, prioritising based on criticality to identify malicious or nefarious activity.
• Review both commercial and open-source tools to enhance Standard Bank's security testing labs.
• Review new and emerging threats, tactics and procedures, understand how to defend against them to identify appropriate detection rules.
• Review new and emerging threats, tactics and procedures, understand how to defend against them to identify appropriate
  detection rules.

QUALIFICATIONS

Minimum Qualifications

• Type of Qualification: First Degree
• Field of Study: Information Technology

Experience Required
Software Engineering
Technology
1-2 years
Experience in risk management

3-4 years
Experience in software and integration development

5-7 years
Experience in technical and business management; databases, operating systems, and network security controls

ADDITIONAL INFORMATION

Behavioral Competencies:

• Adopting Practical Approaches
• Articulating Information
• Developing Strategies
• Embracing Change
• Exploring Possibilities
• Generating Ideas
• Interpreting Data
• Making Decisions
• Meeting Timescales
• Producing Output
• Providing Insights
• Team Working

Technical Competencies:

• Data Analysis
• Debugging and Fixing Software
• Design Patterns
• Software Development Life Cycle (SDLC) methodologies & Tools
• Systems Patterns Integration
• Technical Analysis
• Use of Build and Test Automation
• Write Code