Information & Cyber Security Risk Specialist

Posted 03 April 2020
Salary Up to US$170000.00 per annum
Location
Job type Permanent
Reference BBBH101957_1585937460
Contact Name Jennifer Haley

Job description


Job Summary

Information and Cyber security are primary areas of focus. In the second line of defense, this position reports to the Chief Information Security Officer (CISO) and is a key member of the CISO's team. This position is stationed in New York City supporting the Information and Cyber security programs serving their domestic and international locations.

The purpose of this position is to lead the various information and cyber security technical activities that enhance the overall security posture of the bank. Among others, the position oversees some of the key functions, including:

  • Developing, facilitating, coordinating, tracking, validating and reporting on the system/network Penetration Testing Program.
  • Developing, managing and reporting on the Threat Intelligence & Threat Hunting Program.
  • As Information/Cyber Security Incident Handler, managing and reporting the Bank's Incident Response Plan, including conducting table-top exercises.


The candidate shall maintain the highest ethical standards and adherence to established rules of engagement.

Key Responsibilities:

  • Act as a Technical Subject Matter Expert (SME) to define the information and cyber threat landscape and cyber intrusion threat vectors, identify vulnerabilities and exploitation, and suggest remediation.
  • Perform the security penetration tests for applications and IT infrastructure; defining scope, coordinating attacks, executing tests and reporting findings, following an established methodology in accordance with defined processes.
  • Develop & manage the test environment, tools, scripts & programs for automated penetration testing.
  • Develop, manage and report on a Threat Hunting program that leverages threat intelligence and Indicators of Compromise (IOCs) to detect threats, identify security gaps and improve SOC operations.
  • Track metrics and trend analysis on discovered attacks, vulnerabilities, and mitigations.
  • Proactively research emerging cyber threats. Apply analytical understanding of hacker methodologies and tactics, system vulnerabilities and key indicators of attacks and exploits.
  • Perform network traffic analysis utilizing raw packet data, net flow, IDS, and custom sensor output as it pertains to the cyber security of communications networks.
  • Utilize understanding of attack signatures, tactics, techniques and procedures associated with advanced threats.
  • Lead the Incident Response Plan for the Bank by guiding the first line of defense in performing technical analysis & forensic investigation, and coordinate the plan with other key business stakeholders.
  • Prepare custom dashboards, alerts, searches and log parsing in the SIEM to improve visibility of security threats.
  • Perform day-to-day monitoring of security tools & fine-tune them as needed.
  • Develop and manage the threat intelligence program through the design of push indicators, threat model frameworks (e.g. Kill Chain, MITRE ATT&CK, STRIDE, etc.), threat intelligence platform, reporting and KRIs, etc.
  • Coordinate with SOC and first line (IT) in aligning the threat management, incident response and any cyber defense tactical and technical matters.



Desired Skills and Experience
Professional Qualifications

  • Bachelor's degree in Computer Science or related discipline or equivalent work experience
  • Strong application, network and system security technical skills required
  • Minimum 8 years in Information and Cybersecurity experience
  • Security certifications required such as CEH, OSCP, GPEN, CISSP and other relevant pen testing / vulnerability management tool certification a plus.
  • Highly motivated, energetic, detail-oriented with ability to multi-task effectively
  • Ability to complete projects and perform daily tasks with minimal supervision
  • Excellent oral, written, and presentation skills
  • Ability to set and meet deadlines
  • Support a 24x7x365 availability mindset
  • Strong interpersonal skills


Technical Skills:

  • Expert in penetration testing, information/cyber incident handling, cyber threat intelligence, threat hunting.
  • Solid hands-on experience with various tools, platforms & techniques for penetration testing.
  • Experience with Kali Linux, Metasploit, PHP, Python & PowerShell
  • Experience with incident management & technical analysis
  • Solid understanding of cyber security threats, defenses, motivations and techniques
  • Security monitoring tools (SIEM, auditing and log collection tools, network IDS/IPS, malware detection)
  • Data analysis including normalization and anomaly recognition
  • Networking technologies (TCP/IP/etc.) and protocols (SSL, SSH, LDAP, SMTP, DNS, etc.)
  • Unix, Linux, and Windows Operating Systems and Microsoft Active Directory