Manager Cyber Security Operations & Digital Forensics Job Placement – Stanbic Bank

Organisation: Stanbic Bank
Job ID: 22739
Duty Station: Kampala, Uganda
About Us:
Stanbic Bank Uganda Limited is a subsidiary of Stanbic Africa Holdings
Limited which is in turn owned by Standard Bank Group Limited (“the Group”),
Africa’s leading banking and financial services group. The Standard Bank Group
is the leading banking group focused on emerging markets. It is the largest
African banking group ranked by assets and earnings. Stanbic Bank Uganda
Limited is the largest bank in Uganda by assets and market capitalization. It
offers a full range of banking services through two business units: Personal
and Business Banking (PBB), and Corporate and Investment Banking (CIB).
Job Summary: The Manager Cyber Security Operations & Digital Forensics will
play a focal role dedicated to threat-focused detection, response and recovery
programs for the Bank’s Information Technology Infrastructure through efficient
and effective application of cybersecurity expertise, methodologies and
technologies. The incumbent will support the Bank’s strategy to accelerate
digitization; to respond to the significant associated threat of cybercrime, a
cybersecurity operations program must be implemented. The jobholder will ensure
we are better positioned to respond and recover, which often involves
supporting FCC to prosecute suspects; this capability is requisite in-house.
Additionally, the Technology Risk and Information Security section is
consistently called upon to support ongoing investigations by FCC and/or
operations, more specifically to piece together a record of chronological
events as they occurred in the systems or to provide technical explanations on
systems and/or processing irregularities. Response to these requests involves
sifting through the system logs/audit trails and reports, collaborating with
several stakeholders and collating information while preserving chain of
custody for the associated evidence. This role therefore focuses on threat
detection, response and recovery, and its scope includes but is not limited to:
  • Microsoft Advanced Threat Analysis (ATA)
  • Endpoint Detections and Response (EDR)
  • Security Incidents and Events Monitoring
    (SIEM)
  • Network Threat Detection
  • Database Activity Monitoring
  • Digital Forensics, Logging and Log
    management
Key Duties and Responsibilities:  
  • Ensure cybersecurity resilience
    assessments to determine the Bank’s ability to detect, respond and recover
    from cybersecurity incidents and advise accordingly on requisite
    improvements in incident response, threat detection and reporting
  • Leadership for the Bank’s initiatives to
    implement and operate the cybersecurity capability that includes Endpoint
    Detection and Response (EDR), Identity Based Detection with Microsoft
    Advanced Threat Analysis (ATA) and Security Incidents and Events
    Monitoring (SIEM) with QRadar.
  • The incumbent will be partnering with the
    business to develop and operationalize standard business-led
    cybersecurity incident response procedures and routinely maintain them
    through testing and simulation.
  • Maintain up to date case management tools
    with evidence trails from all analyzed incidents 
  • Tasked with monitoring via the SIEM and
    other reporting consoles as well as external threat intelligence sources
    such as web and email and report all suspicious activity through periodic
    and event driven reports
  • Lead Cybersecurity Incident Response Team
    (CSIRT) activities such as reporting, analysis, response, containment,
    recovery and documentation as stipulated by the standard procedures
  • Routinely reviewing all mission critical
    audit trails for material exceptions, e.g. fraud and abuse of bank assets,
    according to the Bank’s security policies and procedures
  • Building capacity in tools and/or systems
    to reconstruct data and restore system states for investigative
    purposes 
  • Support for FCC in collecting digital
    forensic evidence in the event of abuse according to the chain of custody,
    ensure the evidence collected is valuable in line with the
    requirements of the judicial system, and document findings for all
    investigated incidents
  • Ensure compliance with internal log
    management standards and regulatory requirements concerning retention
  • Keenly review the systems in the event of
    outages, processing errors and electronic failures to ascertain and advise
    on data integrity
  • Continuously monitoring the environment
    for critical technology incidents to support the Bank’s cyber incident
    detection and response plans
  • Provide advisory and support in policy
    development and skills development in the unit to ensure critical business
    systems are auditable and can support forensic investigations
  • Continuously stay up to date on emerging threat and
    attack trends and support the Bank in developing capability to mitigate
    these threats
  • Ensuring that all mission critical systems
    are effectively logging for threat detection and investigation purposes,
    and that the logs are protected and retained in line with Bank policies and
    procedures.
Qualifications, Skills and
Experience:
  • The applicant for the Stanbic Bank Manager
    Cyber Security Operations & Digital Forensics career opportunity
    should hold a University degree in Computer Science, Computer Engineering,
    IT or a related subject
  • Information Security and/or Information
    Technology industry certification (CCNA, CCNP, CISSP, CISM, CEH,
    CISSP-ISSMP, CISA, CRISC or GIAC equivalent) strongly preferred.
  • At least three years of System Security
    experience – Threat Analysis, Threat Detection, NOC, Security Incident and
    Events Monitoring and Digital Forensics
  • One year of security experience in
    Incident Management/Intrusion (Forensics) Analysis/Reverse Engineering
  • Working knowledge of these technologies or
    domains will be an added advantage (Microsoft Windows Servers OS, Active
    Directory, Unix AIX, Linux, Cisco IOS, Cloud Technologies, QRadar and
    Endpoint Threat Detection)
  • Advanced understanding of information
    security technologies such as SLAM, SIEM, Syslog, Firewalls, Intrusion
    Detection Systems, Antivirus, Web & Content filtering solutions,
    Network Access Control etc.
  • Process and project management
  • Working knowledge of ITIL processes
    including change, incident and problem management.
  • Working knowledge of standard business
    processes including work prioritization, best practices.
  • Comprehensive knowledge of the ISO 27002
    Standard and PCI DSS
  • Knowledge of domestic and international
    banking industry
  • Extensive knowledge of the Bank’s
    business, products, key clients, business strategy and strategic issues
  • Working knowledge of regulatory
    requirements of home markets
  • Extensive general technical knowledge of
    information technology infrastructure.
  • Strategic and executive management
    knowledge.
  • Certificate in IT service management
    (ITIL)
  • Ability to interpret complex data into
    meaningful information
  • Knowledge and experience in Security
    operations
  • Broad knowledge and understanding of the
    current state and strategic direction of IT Infrastructure.
  • Strong understanding of the business
    climate and technology needs in the global enterprise.
  • Negotiation experience, particularly
    across the geographies and cultures of a global organisation.
  • Previous experience in dealing with global
    customers and suppliers, preferably in a relationship/account/executive
    management role
How to Apply:
All candidates who wish to join one of Africa’s biggest Banking
Groups, Standard Bank, in the aforementioned capacity are encouraged to apply
online by visiting the link below.
Deadline: 13th April 2017
