Cyber Security Architect wanted – ADCB bank – Abu Dhabi

ADCB bank Abu Dhabi logo

APPLY HERE

ADCB bank Abu Dhabi logo
ADCB bank Abu Dhabi logo

Expiry Date: 2018/12/24
Ref. JB3845947
Lead – Cyber Security Architect

To manage and implement ADCB’s cyber security and incident response strategy by designing and implementing security measures, conducting vulnerability assessment and monitoring and managing the response to cyber security incidents to ensure bank operates within a pre-defined risk appetite to mitigate any foreseeable cyber security threats
 
ACCOUNTABILITIES
 
Technical and Cyber Security Advisory:
Evaluate technical risk, design, architecture, feasibility analysis, vendor review and security controls of all infrastructure technologies and business systems being implemented in the bank Manage programmes and projects to implement new information security products, tools, and innovations that would augment the controls and improve user experience Research the latest trends in threats, threat actors, industry security news, global security incidents and trends to ensure that the bank is protected against similar scenarios and design, develop and implement technical information security frameworks in line with the required standards

Vulnerability Management
: Manage and implement the vulnerability management lifecycle and penetration testing on the banking infrastructure and systems to ensure that all the bank’s technology systems are continuously protected against threats Manage the implementation of information security policies, procedures and technical standards to prevent unauthorised disclosures, unauthorised use, inappropriate modification, premature deletion and unavailability of data and business/infrastructure systems Develop and ensure technology baselines for the secure management of systems across all platforms, including development and maintenance of encryption standards, intrusion detection strategy, and network authentication

Security Operation Centre:
Manage an effective internal Security Operations Centre to ensure effective monitoring is carried out by SOC staff for any unauthorised use or leakage of sensitive data from the bank, phishing attacks, social media abuse and other malicious activities that could bring about a reputational damage for the bank or unauthorised access to bank’s critical systems Build capabilities within the SOC for advanced malware analysis, forensics and detection of advanced persistent threats

Monitoring: Design and implement a continuous monitoring strategy for the bank’s information systems according to the threat landscape for evidence of malicious activity or intrusion attempts Run programmes for the implementation of automated tools to bring efficiencies log collection, correlation, analysis tools for effective monitoring of security Provide advisory services to business and infrastructure projects on maintaining adequate audit trails so that sufficient evidences of computerised business activities exists to reconcile accounts Detect frauds, identify unauthorised access attempts and breaks ins and quickly resolve problems to maintain secure and reliable information systems within ADCB

Incident Response:
Create and oversee crisis and emergency management practices and provide in-depth technical advice for investigations of information security incidents such as internal frauds and hacker break-ins, ensuring root cause analysis is performed to identify and recommend corrective actions to prevent similar incidents from reoccurring Manage the SIRT (Security Incident Response Team) to conduct full coordinated cross functional response to major security incidents and lead the actions to a full remediation of any potential causes of security breach Provide technical information security consulting assistance for ADCB staff disciplinary measures, civil suits and criminal prosecutions, if and when needed

Big Data Security:
Review and recommend security configuration requirements for Big Data infrastructure in order to protect the confidentiality and integrity of customer’s personally identifiable information and to ensure availability of the system Review big data ecosystem/applications and determine where encryption is necessary in order to protect sensitive information. Review big data ecosystem/applications and determine optimum set of role based access controls to ensure access is based on a need to know basis Review Big Data architecture and recommend appropriate controls to ensure the infrastructure is protected against all internal and external threats Conduct periodic vulnerability assessments, internal penetration testing and recommend remedial action to ensure systems are secure, any implemented fixes are working effectively and no new venerability gaps are evident Perform detailed risk assessments of big data ecosystem in order to provide recommendations Recommend baseline security standards for big data infrastructure to ensure optimum security

People Management:
Manage self and team in line with ADCB’s people management policies, procedures, processes and practices to ensure adherence and to maximise own and employee contribution to business performance Manage the effective achievement of the team’s objectives through setting individual objectives, managing performance, developing the team and providing formal and informal feedback to maximise overall performance, engagement and motivation

Budget Management
: Contribute to the preparation of the business area’s budget and manage and monitor the financial performance against the budget so that areas of unsatisfactory performance are identified, rectified promptly and potential performance improvement opportunities are capitalised upon

Continuous Improvement:
Identify opportunities to contribute to organisational and departmental change initiatives, programmes and projects taking into account best practice and standards in the business environment

Customer Service:
Demonstrate Our Promise and apply the ADCB Service Standards to deliver the bank’s required levels of service in all internal and external customer interactions

Policies, Processes, Systems and Procedures:
Recommend and implement improvements to departmental policies, procedures and processes covering all areas of activity so that all relevant procedural requirements are fulfilled while ensuring that ADCB delivers best-in-class services, products and innovation

Skills

EXPERIENCE, QUALIFICATIONS & COMPETENCIES

Minimum Experience

At least 12 years of experience in a banking industry or similar environment, with 5 years of related managerial experience

Minimum Qualifications

Bachelor’s degree in Computer Science or equivalent

Professional Qualifications

Professional Certifications such as CISSP, CISA, SANS GIAC, CEH (mandatory)

Knowledge and Skills

In-depth knowledge in information security, specifically in risk/vulnerability assessment, data classification and industry standard frameworks such as ISO 27001, PCI-DSS

Thorough knowledge of firewalls, network components, protocols, intrusion prevention systems, antivirus software, web content filtering, database products

Sound understanding of the vulnerabilities in operating systems, databases and major applications and the technical knowledge necessary to mitigate these

Working knowledge experience of banking operations and related problems

Strong awareness of application security requirements and techniques