
SANS ISC: InfoSec Jobs - Threat Intelligence Senior Manager New York, USA GCIH InfoSec Jobs



This listing has expired and therefore is not publicly viewable.

Threat Intelligence Senior Manager
Company Standard Chartered Global Business Services
Location New York, USA
Preferred GIAC Certifications GCIH
Travel 20%
Salary TBC
URL https://www.sc.com
Contact Name Mohammed Fadzil Haron
Contact Email mohammed.haron/at/gmail.com
Expires 2018-05-22

Job Description

Job Description – Senior Manager, Threat Intelligence

ROLE

Business Title: Threat Intelligence Senior Manager
Grade: Band 5
Business Unit: ITO, Technology Services, Security Technology Services
Job Family: Security Technology Services
Location: New York
REPORTING RELATIONSHIPS:

Reports Directly to Global Head, Threat Intelligence
PURPOSE:
Security Technology Services (STS) is a critical function within Standard Chartered Bank operating under the overall purview of “Technology Services”.

The STS team is made up of cyber security thought leaders, who are accountable for the provision of a global set of cybersecurity services and products in order to maintain and continuously improve the Bank’s cybersecurity posture in today’s ever-evolving cybersecurity landscape.

The STS team protects the Bank from cybersecurity threats by delivering effective information security technology services and by managing and responding to security incidents, to ensure and support the continuity and growth of the Bank’s business operations and to meet the expectations of both internal and external stakeholders across the 70+ countries and territories in which SCB operates.

In order for STS-Threat Intelligence to be a truly global team, it must have team members located in multiple geographic regions. This requires a highly skilled and experienced threat intelligence specialist to complement the team and develop the capability that improves the Bank’s threat intelligence posture in order to protect the Bank from complex cyber threats.

RESPONSIBILITIES:

• Be a champion for Threat Intelligence in North America and the wider region.

• Participate in the local and regional intelligence sharing community, represent the Bank and raise the Bank’s profile and influence in this space.

• Produce excellent written intelligence products – using analysis methodologies where appropriate.

• Provide timely situational awareness, including research via the use of various sources, to formulate written and oral briefings.

• Act as a part of incident response team where appropriate.

• Use the existing SCB analysis platform to research relevant threats.

• Produce actionable intelligence on threats for delivery to senior management and operational teams.

• Establish, develop and own relationships with senior internal and external stakeholders.

• Protect SCB by performing technical research into advanced, targeted attacks, malware campaigns, malware and other emerging technologies that pose a risk to the Bank.

KEY STAKEHOLDERS:
• Services Domain Heads within Security Technology Services
• Other relevant functions within Technology Services (Infrastructure Services, Networks etc.)
• Local and regional info sharing groups (e.g. FS-ISAC), peer organisations, law enforcement/government agencies.
• External Service Providers
• Business Stakeholders
• CISO/IT Operational Risk
COMPETENCIES (KNOWLEDGE & SKILLS):
• Bachelor’s degree in a computer-related major

• Excellent written and oral communication skills

• Experience in writing intelligence reports

• 10+ years of experience in information security, preferably in the banking and financial services sector

• 5+ years of hands-on experience in audit engagement and risk management is an added advantage

• Experience in using various open sources and tools to research external threat actors and threat actor groups

• Experience working in a SOC analysis and investigation environment is preferred (nice to have)

• Experience with Linux/Unix, database technologies (nice to have)

• Able to create scripts with Python, Bash and SQL (nice to have)

• A firm grasp of link-analysis methods and software such as Maltego and SIEM/Data Analytics would be an asset.

• Having technical security certifications (GCIH or equivalent) will be an added advantage