Mgr., Inf. Security Incident & Problem Management

Purpose of the Role:

The Manager, Information Security Incident & Problem Management is responsible for the effective and efficiency management if the Bank’s Information Security Incident and Problem Management practice. The incumbent is responsible for ensuring that all reported events (alerts) from the implemented tools (log manager, data loss prevention (DLP), firewall, security incident & event management (SIEM), etc.,) are triaged and addressed within the stipulated timelines to ensure the continued protection of the Bank’s information assets. The incumbent is responsible for managing any incidents or problems observed in accordance with the establish procedures and playbooks. The incumbent will also participate in activities related to pre-emptive data breach response(s); analytic and reporting for litigation, data breaches, and regulatory response(s); workplace and employment issues, including theft of trade secrets, by collating, correlating and analysing relevant data from various sources. The Manager will provide feedback to senior management to assist in the development and support of sound security strategies, ensuring the reliable implementation of consistent and secure control processes to protect the Bank’s information and data resources.



Key Accountabilities:

  • Embeds the Bank’s information security incident and problem management processes within the Bank, working collaboratively with the Manager in Technology who is responsible for incident management. Ensures that the processes are current and consistent with the international industry practices. Provides awareness sessions and job aids to the respective stakeholders. Monitors the implementation of the associated policies, standards and processes.
  • Working collaboratively with stakeholders responsible for incident management across Bank, leads activities related to data breach response and pre-emptive cybersecurity. Coordinates efforts among multiple business units during response efforts, to ensure breaches are contained, the bank information assets are protected and regulatory compliance is maintained.
  • Maintains (collects, catalogues and stores, etc.) relevant breach evidence in accordance with established protocols and good practice.
  • Responsible for the implementation and ongoing maintenance of all security monitoring and compliance tools. This may involve updating databases, writing / updating procedures, checking understanding and adherence, implementing various tools, working with vendors, and project management activities. 
  • Responsible for network monitoring and intrusion detection analysis using various computer network defence (CND) tools, such as intrusion detection / prevention systems (IDS / IPS), firewalls, host based security system (HBSS), data loss prevention (DLP), etc. to ensure the protection of the Bank’s information assets. Correlates network activity across networks to identify trends of unauthorized use, via logging and SIEM implementation.
  • Reviews alerts and data from sensors and documents formal, technical incident reports. Responds to computer security incidents and problems according to the information security incident response process. Provides oversight for investigations related to information security (network breaches / unauthorized data access, etc.), escalates in accordance with established processes and provides recommendations for control improvements. Provides guidance to first responders for handling information security incidents.
  • Ensures that the Bank’s cybersecurity playbook (an automated guide for delivering a response to a cybersecurity event, which can be deployed, and act across the entire network to respond automatically to meet and stop cybersecurity threats) is current, fit for purpose and regularly exercised. Leads the maintenance (updating documentation and awareness training as required) of the cybersecurity playbook, based on research of the industry and associated gap analysis. Plans and manages the execution of tabletop exercises for all applicable high and medium risk threats identified in the playbook.  
  • Researches emerging threats and vulnerabilities to aid in the identification of network incidents, analyses potential impacts of new threats and communicates risks and mitigating actions to relevant business units. Works with respective Technology teams to ensure all vulnerabilities identified are mitigated or risk accepted in accordance with Operational Risk Management policies.
  • Compiles and analyses data for management reporting and metrics.
  • Keeps abreast of financial industry regulations and practices related to network security and cyber incidents across the region. Completes gap analyses of current policies, standards and provides recommendations to senior management to ensure that the Bank remains in compliance. Defines enhancements to current policies and standards to close any identified gaps.
  • Works collaboratively with third party service providers of information security services to the Bank to ensure compliance with contract terms, service level agreements (SLAs) and regulatory requirements.
  • Participates in the audit and compliance reviews and works with the stakeholders to close the audit and compliance deficiencies identified.



Critical Knowledge & Skills Required:

  1. Information security technologies – excellent and current knowledge of technologies and technology-based solutions dealing with information / cyber security incidents
  2. Good understanding of information security incident response practices, computer forensics, current cybersecurity threats to the financial services
  3. Decision-making and critical thinking – good knowledge of tools and techniques for effective use of a broad range of factors, assumptions, frameworks and perspectives when solving problems.
  4. Current understanding of IT security best practices
  5. Knowledge of NIST, Centre for Internet Security (CIS) and IT Controls.
  6. Good analytical skills
  7. Influencing skills
  8. Able to understand and analyse technology, and risk management principles
  9. Effective written and verbal communication skills:
  10. able to conduct presentations and facilitate group meetings
  11. effectively communicate with technical and non-technical resources
  12. communicate complex and technical issues to diverse audiences
  13. ability to tailor communication style to audience at hand
  • Good organisational skills and good time management.
  • People management skills.
  • Ability to perform independent analysis of problems and distil relevant findings and root causes.
  • A team-focused mentality with the proven ability to work effectively with diverse stakeholders.
  • Understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business.
  • Ability to compile and analyse data for management reporting and metrics.
  • Understanding of organisational mission, values, and goals and consistent application of this knowledge.
  • Ability to react to high pressure dynamic changing environments while maintaining a professional image and approach.


Experience Required:

  • Undergraduate or post graduate degree in Computer Science, Information Security, or a related field and one or more of the following or related professional certifications:
  1. GIAC Certified Incident Handler (GCIH)
  2. GIAC Certified Intrusion Analyst (GCIA)
  3. GIAC Certified Forensic Analyst (GCFA)
  4. GIAC Certified Forensic Examiner (GCFE)
  5. Certified Information Systems Security Professional (CISSP)
  6. Certified Information Systems Auditor (CISA)
  • At least three years’ experience in information security, with at least one year’s information security incident & problem management
  • At least three years’ experience in another IT function, especially IT audit
  • At least two years’ experience with regulatory compliance and information security management frameworks, e.g., IS027000, COBIT, National Institute of Science and Technology (NIST), etc.
  • Practical experience with security incident management tools

Or

  • At least five years’ experience in information security or IT audit and one or more of the following or related professional certifications:
  1. GIAC Certified Incident Handler (GCIH)
  2. GIAC Certified Intrusion Analyst (GCIA)
  3. GIAC Certified Forensic Analyst (GCFA)
  4. GIAC Certified Forensic Examiner (GCFE)
  5. Certified Information Systems Security Professional (CISSP)
  6. Certified Information Systems Auditor (CISA)
  • At least one years’ experience in information security incident & problem management
  • At least two years’ experience with regulatory compliance and information security management frameworks, e.g., IS027000, COBIT, NIST etc.
  • Practical experience with security incident management tools.


Position reports to: Senior Manager, Information Security Operations 

Function: Enterprise Security & Fraud Management

 

Expiry Date: 29 okt 2020

Reference
VAC-4218
Employer
CIBC FirstCaribbean International Bank
Hours
Employment Type
Location
Salary and benefits
In accordance with appropriate salary schedule.
Salary
Salary negotiable
Your Career Level
Mid Career
Years Experience
Minimum of Eight (8) years'
Your Education Level
Undergraduate Degree|in Computer Studies
View Employer
Apply
Log In and Apply
Upload your CV/Resume
Additional Personal Details
Other details about you

Terms of Use/Notifications

Do you agree to our Terms of Use & Privacy Statement?

Receive updates & notifications from Caribbean Opus

Apply

Currency

The 10 islands have different currencies. We will be using USD as the general currency on the website.