
Security Operations Center – PASHA Bank

Job purpose:

Responsible for analyzing incoming information for the purposes of identifying threats to the systems, infrastructure, resources and services critical to PASHA Bank; responsible for mitigating threats identified in the environment through Use Case design, development and maintenance. This position transforms threat actor profiles and associated TTPs gleaned from intelligence products into potential attack vectors. These attack vectors are then used to analyze the efficacy of current security controls coverage and support Use Case development. Implements, configures and supports the vulnerability management service at PASHA Bank, and is responsible for its scalability.

Main Accountability:

– Identifies the data sources required, given the changing nature of threats, to support requests coming from the bank
– Provides confidence-related reporting to assess Threat Intelligence data source alignment; highlights information gaps and validates sources
– Leverages information processing technologies to ingest and process data for analysis
– Conducts an analysis of the incoming TI information to determine its relevance and impact to the bank and to form a forward-looking view of the threat landscape
– Identifies new Indicators of Compromise (IOCs) and supports ongoing maintenance of the IOC database
– Recommends changes to security device policies
– Provides reports on new findings, covering the number of fresh IOCs generated mapped to threat, the number of IOCs updated related to threats, TTPs observed mapped to threat, and impacted/target systems
– Manages and prioritizes Use Case development queue
– Transforms newly identified threats, impacted assets and associated attack vectors coupled with business requirements into Use Cases
– Manages the Use Case development life cycle using established methodology and process
– Provides regular reports based on established reporting metrics
– Supports vulnerability management platforms
– Ensures efficient operation (full coverage) of vulnerability scanning of all critical technology platforms
– Utilizes an up-to-date Security Content Automation Protocol (SCAP) compliant vulnerability scanning tool to automatically scan all systems on the network on a periodic basis to identify all potential vulnerabilities on the organization’s systems

Knowledge, skills and experience required:

• Education: Bachelor's degree in information technology, mathematics or other relevant field
• Work experience: 1-3 years of experience in Cyber Security
• License / Certificate: Desirable – CCNA Security, CompTIA Security+, CompTIA CySA+ and other cybersecurity-related certificates
• Foreign Language: English (intermediate), Russian (intermediate)
• Computer Skills:
– Experience with one or more TI platforms
– Experience with Open Source Intelligence (OSINT) collection tools and intelligence vendor portals
– Knowledge of relevant data formats (like JSON, STIX, etc.)
– Knowledge of log formats
– Understanding of security incident response fundamentals
– Knowledge/experience in Network forensics: network traffic protocols, traffic analysis (i.e. PCAP), intrusion detection
– Knowledge of OWASP Top 10 and WASC Threat Classification
– Experience with various vulnerability scanners

• Product Knowledge: N/A
• Market Knowledge: N/A
• Other:
– Process and procedure adherence
– Strong analytical and root cause analysis skills
– Ability to work under pressure
– Team player able to work effectively in a team-fostered, multi-tasking environment
– Effective verbal and written communication skills
– Good problem-solving skills
– Understanding of industry standard intelligence analysis models and techniques with analytical skills

Candidates are requested to send their Application Forms/CVs to [email protected] until 21/11/2020. Please indicate the name of the position (Security Operations Center) you are applying for in the subject line of the email. Otherwise, the candidacy will not be considered in the review process of the applications collected.

Please be advised that only shortlisted candidates will be invited to the further stages of the recruitment process.

Job field

Category: Bank and non-bank credit organization employee