Job Purpose:
The Cyber Security Incident Response Manager (CSIRM) will manage
the end-to-end Cyber Incident Response Lifecycle across the Group. The CSIRM
will help drive the strategy and capabilities, and will also provide an
efficient response and remediation to minimize the impact of evolving cyber
threats.
This role requires a strong understanding of cybersecurity
forensics, Cyber risk, and the ability to make quick, effective decisions in
fast-paced and complex environments.
Key Responsibilities
- Cyber Incident Response Planning and Preparation: The candidate will be required to be in charge of the process of maintaining and improving incident response capabilities and preventing incidents by ensuring that systems, networks, applications, and data handling processes are sufficiently secure, and employee awareness training is in place. The CSIRM will ensure practice exercises (Table-top Exercises) for the CIRT (Cyber Incident Response Team) are conducted periodically, where various incident scenarios are presented to the Team in a practice session.
- Cyber Incident Identification: The CSIRM will facilitate the process of confirming, characterizing, classifying, categorizing, scoping, and prioritizing suspected incidents as per the Group Incident Response Policies and Procedures.
- Cyber Incident Notification: The CSIRM will ensure alerting of CIRT members to the occurrence of an incident and communicating throughout the incident to the relevant stakeholders.
- Cyber Incident Containment: The CSIRM will proactively play a critical role in the containment of cyber incidents to ensure the minimization of financial and/or reputational loss, theft of information, or service disruption. The CSIRM ensures prompt communication briefs to the Group CISO on any Cyber Incident occurrence. The CSIRM will also coordinate communication with relevant stakeholders (external and internal) as per the Bank’s Communication policies if and when required.
- Cyber Breach Eradication and Threat Elimination: The CSIRM will coordinate all aspects of threat eradication through thorough identification of all affected assets, elimination of artifacts of the incident (e.g., removal of malicious code, re-image infected systems), and mitigating the vulnerabilities or other conditions that were exploited. This will also ensure that Forensics Artifacts are well-maintained and preserved as per the Bank’s Digital Forensics Policies and Procedures.
- Recovery: The CSIRM will coordinate and ensure restoration of services to a normal state of operation and the resumption of business activities quickly and securely as per the SLAs.
- Post-incident Activities: The CSIRM will be tasked to assess the overall response effectiveness and identify opportunities for improvement through ‘lessons learned’ or mitigation of exploited weaknesses. This will also include continuous incorporation of incidents’ learnings into the cyber fortification efforts and the response plan, as appropriate.
Other Duties may include assisting the Bank’s Communication team
with relevant information that will assist in reputational repair measures, if
needed.
Qualifications
Key Critical Competencies
- Business awareness
- Threat and cybersecurity competencies
- Strong analytical and problem-solving skills
- Excellent planning skills
- High personal standards and goal-oriented
- Deep knowledge of the Bank’s infrastructure, networks, and systems
Required Skill and Certifications
- Bachelor’s degree in information technology, Information Security/Assurance, Engineering or a similar area of study;
- Hold at least one relevant industry certification (GCIH, GCED, CISSP, CISA, CISM, etc.)
- Minimum 5 years of Security leadership, with experience running and managing incident playbooks.
- Minimum 3 years of experience working in a SOC environment and working knowledge of all managed controls and services. (added advantage)
- Relevant industry certifications or relevant technology vendor certifications
- Personnel and resource management experience
- Strong knowledge of Cyber Security forensics, project management, change management, technology implementation, and risk analysis strategy
- Proficient at professional communication and documentation of processes and procedures
How to Apply