Analyst

Year    Bengaluru, Karnataka, India
Standard Chartered
3319 Current Jobs Openings
Apply Now

Job Description

b'



Job: Technology
Primary Location: Asia-India-Bangalore
Schedule: Full-time
Employee Status: Permanent
Posting Date: 02/May/2024, 1:29:06 AM
Unposting Date: Ongoing


JOB SUMMARY
  • Overall 8+ Years of experience in information technology out of which 4+ years of experience in Cyber security and 2+ years of experience in threat modeling. Provide technical leadership and advise team members on attack and penetration testing. Ability to work both independently as well as lead a team. Familiarity with one or more threat modeling methodologies (e.g., MITRE, STRIDE, PASTA, LINDDUN, CVSS, Attack Trees, Security Cards, hTMM, Quantitative Threat Modeling Method, VAST Modeling, OCTAVE
RESPONSIBILITIES Strategy
  • Towards delivering and living out our TTO Strategy 25 by
  • Establish Strong Digital Foundations \xc2\xb7
  • Accelerate Transformation \xc2\xb7
  • Drive Process Excellence
Business
  • Contribute to the strategic goals of the organisation through the application of technology.
  • Solve problems through the application of technical knowledge and skill, determining when and how technology can solve business problems.
  • Scope and create technical solutions that contribute to the business\xe2\x80\x99s strategic goals
Processes
  • Identify new areas of focus and activity for both internal and external technology communities
  • Develop and roll out best practice in Technology domain of expertise or their specialism.
  • Rescue, remediate or provide expertise on initiatives with significant technology challenge
People & Talent
  • Be a role model and build the appropriate culture and values.
  • Set appropriate tone and expectations from their team and work in collaboration with risk and control partners.
  • Ensure the provision of ongoing training and development of people and ensure that holders of all critical functions are suitably skilled and qualified for their roles ensuring that they have effective supervision in place to mitigate any risks.
  • Employ, engage and retain high quality people.
  • Work with internal business teams, cross-functional engineering teams, and external vendors. \xc2\xb7
  • Effective conflict resolver and strong leadership skills to deliver on commitments and knowing when to say No to stakeholder
Risk Management
  • Make recommendations (and/or implement) to relevant stakeholders on possible risk management responses to identified risks and/or findings of concerns from investigations.
  • Manage escalations on PEP / Sensitive issues requiring additional assessment and/or control
Governance
  • Take personal responsibility for understanding the risk and compliance requirements of the role.
  • Understand and comply with, in letter and spirit, all applicable laws, and regulations, including those governing anti-money laundering, terrorist financing, and sanctions; the Group\xe2\x80\x99s policies and procedures; and the Group Code of Conduct.
  • Effectively and collaboratively identify, escalate, mitigate and resolve risk and compliance matters.
  • Embed the Group\xe2\x80\x99s values and code of conduct to ensure that adherence with the highest standards of ethics, and compliance with relevant policies, processes, and regulations among employee\xe2\x80\x99s form part of the culture
Regulatory & Business Conduct
  • Display exemplary conduct and live by the Group\xe2\x80\x99s Values and Code of Conduct.
  • Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
  • Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
  • Lead to achieve the outcomes set out in the Bank\xe2\x80\x99s Conduct Principles
Other Responsibilities
  • Embed Here for good and Group\xe2\x80\x99s brand and values, Perform other responsibilities assigned under Group, Country, Business or Functional policies and procedures; Multiple functions (double hats)
OUR IDEAL CANDIDATE EDUCATION
  • Bachelor\'s degree in Computer Science, Software Engineering, or a related field
  • Overall 8+ Years of experience in information technology out of which 4+ years of experience in Cyber and cloud technologies
TRAINING
  • Experience in technical writeups, requirement gathering, documentation in cyber & cloud technologies
  • Experience and practice about writing professional documents.
  • Responsible for technical writeups, presentation, hackathon and roadshows
  • Responsible for writing and maintaining the documentation relating cyber and cloud technologies
  • Familiarity with one or more threat modeling methodologies (e.g., MITRE, STRIDE, PASTA, LINDDUN, CVSS, Attack Trees, Security Cards, hTMM, Quantitative Threat Modeling Method, VAST Modeling, OCTAVE)
  • Familiarity in Mitre Attack Navigator, Mitre Defend
  • Integrate / Leverage ChatGPT to perform threat modeling
  • Familiarity in Threat Modeling Automation tools and creating / consuming threat libraries
  • Familiarity in tools such as AttackIQ, Cymulate, Pentera, SafeBreach, Verodin (Mandiant Security Validation)
  • Exposure on programming languages
  • Exposure on DevOps tools, for ex. Bitbucket, Jenkins and Artifactory
  • Experience with Public Cloud platforms, for ex. AWS, Azure or GCP
  • Experience in cybersecurity processes with reference to NIST CSF
  • Critical thinking and problem-solving skills
  • Certified on Microsoft Azure Security Technologies, AWS security speciality and ATT&CK for Cyber Threat Intelligence are preferred
  • Partner with stakeholders to learn and understand a wide variety of threat model subjects
  • An adversarial mindset - candidate must be able to put themself in the mind of the attacker
  • Familiarity in penetration testing and red team methodologies
  • Exposure using common penetration testing tools using Burpsuite, Metasploit etc.,
CERTIFICATIONS
  • Cloud or Container Certifications like AWS SA, AZ-500, TF Associate
  • Certified on Microsoft Azure Security Technologies, AWS security speciality and ATT&CK for Cyber Threat Intelligence are preferred
  • Certification on Operationalizing MITRE ATT&CK, Foundations of Breach & Attack Simulation, Application of ATT&CK Navigator, Extending ATT&CK with ATT&CK Workbench
LANGUAGES
  • Exposure on programming languages
  • Exposure on Infrastructure as Code (IAC) tools like Terraform, Cloud formation
  • Familiarity DevOps tools, for ex. Bitbucket, Jenkins and Artifactory
  • Experience with Public Cloud platforms, for ex. AWS, Azure or GCP
  • Familiarity in API layer like security, custom analytics, throttling, caching, logging, monetization, request and response modifications etc.
  • Familiarity with Container platforms, for ex. Kubernetes, OpenShift, EKS, AKS or GKE
  • Familiarity in automation using Cloud services, like AWS Lambda or Step Function
  • Exposure creating Splunk use cases (SIEM) and Splunk query language
Role Specific Technical Competencies
  • Threat Modeling (Manual / Automation)
  • Threat Modeling Framework STRIDE, MITRE
  • Azure / AWS Public Cloud
  • Python, Go Lang, Java / .NET
  • Infrastructure as Code
  • PowerShell, Azure CLI,
  • Technical Writeups, Documentation
About Standard Chartered We\'re an international bank, nimble enough to act, big enough for impact. For more than 160 years, we\'ve worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you\'re looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents. And we can\'t wait to see the talents you can bring us.
Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you\'ll see how we value difference and advocate inclusion. Together we:
  • Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
  • Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
  • Be better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term
In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.
  • Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations
  • Time-off including annual, parental/maternity (20 weeks), sabbatical (12 weeks maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum
  • Flexible working options based around home and office locations, with flexible working patterns
  • Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
  • A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning
  • Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.
  • Recruitment assessments - some of our roles use assessments to help us understand how suitable you are for the role you\'ve applied to. If you are invited to take an assessment, this is great news. It means your application has progressed to an important stage of our recruitment process.
Visit our careers website www.sc.com/careers

Beware of fraud agents! do not pay money to get a job

MNCJobsIndia.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.


Related Jobs

Job Detail

  • Job Id
    JD3290659
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Bengaluru, Karnataka, India
  • Education
    Not mentioned
  • Experience
    Year
 
 
Jobs by Function
Popular Job Skills
Popular Industries
Popular Cities
Jobseekers
Employers
Home | About Us | Terms & Conditions | Privacy Policy | Help and FAQ | Contact Us
All rights reserved © 2024.