Internet y tecnología
72000 – 86000 Bruto/año
Duties and responsibilities:
- The Advanced Cyber Defense Director will be responsible for the areas that make up Advanced Cyber Defence:
- Threat Modelling: Take the responsibilities of the conceptual modelling of the attack surface, the new assets and appliances of BS Group and also the definition of the design of new case of use and the full use-case lifecycle management.
- Security Monitoring & analytics: is in charge of ensuring that the necessary, accessible and usable data is available at the necessary time (timely) to support the activities of the rest of the ACD areas (particularly Incident Response).
- Cyber Threat Intelligence: CTI provides information to strength the organization’s security posture by empowering stakeholders with an informed perspective on how cyber threats are relevant to their areas of responsibility. The activities involved include the information acquisition from different sources and sharing communities, the intelligence strategy, and the processing & analysis to generate different intelligence products
- Security Incident Response & Threat hunting: is the process by which the Group monitors, detects and responds to security events. This includes security alerts, triggered by preconfigured alerts on monitoring systems. When a new security incident occurs, the IR team handles it. The activities carried out encompass from the containment and eradication of the incident, to the recovery and generation of lessons learned. The creation of new playbooks are also part of the incident response process
- Identify Information Security risks and determine the controls, processes, governance, methodologies and technical architectures, services and tools needed to avoid or mitigate these risks.
- Provide support to security policy and control development; ensuring that both are aligned to industry best practice and regulatory requirements.
- Liaise regularly with Group CISOs to discuss the institutions risk posture taking into account different components such as internal findings, loss events, etc., including the management and reporting on KPIs and KRIs for information security.
- Coordinate internal and external audit finding remediation activities.
- Actively participate in the recruitment of information security team. Guide and mentor the team and take responsibility for their training and development.
- Provide the management and monitoring of the Unit programmes and budget.
- Own the assurance and relationships with industry partners, contractors, consultants and suppliers in the information security space.
- Maintain relationships with local police, enforcement and government agencies, and develop relationships with the institutions peers and liaise with the European Central Bank and other legitimated Interested Third Parties to share information when required.
– Strong academics, including a minimum of degree (preferably technical).
– Over 10 year’s experience of working in management roles related to information security, IT risk management and IT audit in the financial services sector.
– A broad range of security experience, e.g. cyber strategy, security target operating models, security transformation programmes, security change initiatives, security technologies, privacy, security standards such as NIST, ISF, ISO, SANS etc.
– Strong technical abilities combined with business acumen and an ability to succinctly disseminate important messages to an executive audience.
– Up-to-date knowledge of cyber and information security trends and threats facing financial services.
– Experience and knowledge regarding electronic fraud and online banking fraud.
– Qualifications such as CISA, CISM, CISSP, CRISC or equivalents preferred.
– Languages: Fluent in English and Spanish.
< Volver a Ofertas