Analyst, Active Threat Monitoring

Year    Bangalore, Karnataka, India

Job Description


The Role Responsibilities

Job Role

This exciting opportunity within Active Threat Monitoring (part of Group Threat Management) is to be part of a state-of-the-art team responsible for proactive identification, monitoring, and triage of external cyber threats to the Group. The role reports to the Lead, Active Threat Monitoring within Group Threat Management (part of Information and Cyber Security (ICS)). Active Threat Monitoring is responsible for detecting external cyber threats targeting our brand (for example, brand infringement and / or malicious websites using our trademarks), our people (i.e. executive impersonation), and data (such as third-party breaches that may impact the Group). The team will work closely with various internal (Cyber Intelligence Centre, Cyber Defence Centre) and external teams, vendors and partners.

Strategy

  • Responsible for implementing and following the external threat detection strategy regarding domain / brand infringement, impersonation, credential, and data loss.
  • Awareness and understanding of the Group's ICS Strategy and ICS objectives.
  • Working with stakeholders, particularly the Cyber Intelligence Centre and Cyber Defence Centre, to establish cross-functional triage and mitigation strategies.

Business

  • Applies knowledge of tactical to strategic level intelligence analysis of cyber threats, vectors, and actors in support of Cyber Intelligence Centre detection and triaging requirements.
  • Identify and establish relationships with internal and external stakeholders.

Processes

  • Collaborate with Group Threat Management functions, anti-fraud teams, C-level and executive offices, security monitoring operations, vulnerability management and risk assessments, network access control, incident response and maintenance.
  • Proactively detect external cyber threats to the organisation.
  • Build and implement clear, effective, and proactive plans for active threat monitoring and subsequent mitigation action.

People and Talent

  • Work through example and build the appropriate culture and values.
  • Development in the areas of performance management, learning and development and engagement.

Risk Management

  • Be aware of, identify and escalate all risk issues and concentrations in accordance with the firm's Group Information and Cyber Security Policy.
  • Where appropriate, direct remedial action and / or ensure adequate reporting to Risk Committees.
  • Exemplify the Group's values and code of conduct and ensure adherence to the highest standards of ethics, and compliance with relevant policies, processes, and regulations.

Governance

  • Build and implement an external threat identification framework and methodology, and gather and report on security metrics that demonstrate the relative cost / benefit of the function.
  • Awareness and understanding of the regulatory framework in which the Group operates, and the regulatory requirements and expectations relevant to the role.
  • Agile change mindset to enable continuous improvement.

Regulatory and Business Conduct

  • Display exemplary conduct and live by the Group's Values and Code of Conduct.
  • Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
  • Effectively and collaboratively identify, escalate, mitigate, and resolve risk, conduct and compliance matters.

Key Stakeholders

  • Group CISO aligned functions including Cyber Security, Architecture, ICS Risk and Control, Identity and Access Control, ICS Portfolio, Heads of Information and Cyber Security (HICS) and other business stakeholders

Our Ideal Candidate

  • Strong experience and understanding of intelligence processes: analytical methods, the intelligence cycle, intelligence collection plans, source, and information evaluation, etc.
  • Robust technical investigative skills and expertise, such as an understanding of network protocols (particularly network layer, presentation layer and application layer).
  • Experience in external threat detection for brand / domain infringement, employee / executive impersonation, credential, and data loss.
  • Ability to analyse Threat Actors' TTPs and process large data sets to identify patterns and anomalies indicative of malicious activities.
  • In-depth knowledge of cyber threat management, including threat actors, attack types, tactics, techniques, and procedures.
  • Familiarity with structured analysis techniques for intrusion analysis, e.g., Kill Chain, Diamond Model, MITRE ATT&CK.
  • Over three years of cyber security operations experience, preferably in the Banking and Financial Services sector.
  • Experience working in a position for Threat Intelligence, Security Operations or Threat Hunting is essential.
  • Hands-on experience in audit engagement and risk management is an added advantage.
  • Experience of being a contributory member of InfoSec Trust Groups (nice to have).
  • Knowledge or experience in using various enterprise controls and technologies.
  • Appropriate certifications, such as GIAC GREM, GDAT, GCTI (nice to have).
  • Experience in the preparation and production of written security reports.
  • Experience with Linux / Unix, database technologies (nice to have).
  • Knowledge or experience in understanding attack techniques.
  • Experience with incident response and security monitoring.
  • SOC and investigation environment experience is preferred.
  • Proficient in technical investigations.

Role Specific Technical Competencies

  • Ability to understand complex challenges and develop out-of-the-box solutions to solve them
  • Ability to conceptualize, identify, evaluate, and synthesize information to formulate unbiased judgements, analytic lines, and relevant recommendations
  • Thorough understanding of cyber threat actors and their tactics, techniques, and procedures (TTPs) as well as existing CTI frameworks, CTI tools, and IT systems
  • Ability to determine whether existing constructs, frameworks, or tools require uplift, or if there is the need to develop new ones in response to innovations in adversary tradecraft or technologies
  • Ability to present analytic conclusions, research, and methodologies to various audiences in an effective manner
  • Ability to identify and adapt communication style. This covers medium, language, message, cadence and preference for different audiences, ranging from the strategic, executive level to highly technical practitioners, such as detection engineers and security architects
  • Ability to understand operating systems principles, which include:
      • Design decisions inherent to system architecture
      • How identities, access and authorization are administered
      • How systems communicate with one another and the protocols used for certain types of communications
  • Ability to identify the core concepts, components and conventions associated with cyber defensive measures and cyber security processes and technologies
  • Knowledge of industry best practices and frameworks such as the NIST Cyber Security Framework (CSF) and MITRE ATT&CK
  • Ability to understand business decisions around enterprise architecture design
  • Provide peer mentoring and learning opportunities to fill knowledge and skills gaps while building a culture of cohesion and trust
  • Ability to identify and apply appropriate CTI terms and frameworks to track and communicate adversary capabilities or activities
  • Thorough knowledge of the Lockheed Martin Cyber Kill Chain and MITRE ATT&CK framework to visually create playbooks through phases of an adversary's TTPs
  • The ability to interact effectively with peers and leadership to build a collaborative culture that embraces diversity in backgrounds, skills, knowledge and experiences to identify and answer key intelligence questions

About Standard Chartered

We're an international bank, nimble enough to act, big enough for impact. For more than 160 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents. And we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good, are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion. Together we:

  • Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
  • Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
  • Be better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

  • Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations
  • Time-off including annual, parental / maternity (20 weeks), sabbatical (12 weeks maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum
  • Flexible working options based around home and office locations, with flexible working patterns
  • Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
  • A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning
  • Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.

Recruitment assessments - some of our roles use assessments to help us understand how suitable you are for the role you've applied to. If you are invited to take an assessment, this is great news. It means your application has progressed to an important stage of our recruitment process.

Visit our careers website


Job Detail

  • Job Id
    JD3108288
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Bangalore, Karnataka, India
  • Education
    Not mentioned
  • Experience
    Year