Purpose of Job
The role sits within the IT Security and Business Continuity team, (part of Cyber Security Operations) which is responsible for protecting the confidentiality, integrity, and availability of the Bank’s information assets. The focus of this role is to respond to any cybersecurity incident and assure the continued operations of Information and Computer Technology systems. This will include contributing to Major Incident (MI) calls to triage any potential cybersecurity events or threats which may impact the Bank. The IT Security Incident Response (IR) Associate will also support the Head of Security Operations in managing the Bank’s Managed Security Services Providers (MSSPs) and track the occurrence and development of cyber incidents within the Bank.
The role comes with expectation to be on-site in Canary Wharf office as required (minimum 2-3 days or 50% a week).
Accountabilities & Responsibilities
1. The IT Security Incident Response Associate will have the following responsibilities:
2. Monitor and evaluate systems’ cybersecurity state, analyse, and mitigate the impact of cybersecurity incidents
3. Identify cyber incidents, root causes and malicious actors
4. Act according to the Bank’s Incident Response Plan, restore systems and processes functionalities to an operational state, collecting evidences and documenting actions taken
5. Participate in MI calls to triage incidents
6. Contribute to the development, maintenance and assessment of the Incident Response Plan and related playbooks
7. Develop, implement, and assess procedures related to incident handling including analysis and reporting
8. Identify, analyse, mitigate, and communicate cybersecurity incidents
9. Measure cybersecurity incidents detection and response effectiveness
10. Document incident results analysis and incident handling actions
11. Evaluate the resilience of the cybersecurity controls and mitigation actions taken after a cybersecurity or data breach incident
12. Adopt and develop incident handling testing techniques
13. Cooperate with outsourced partners and MSSPs’ SOC teams
14. Manage any Incident Response tools & technologies to support the IR capabilities of the team
Knowledge, Skills, Experience & Qualifications
15. Educated to degree level (Computer Science or similar)
16. A suitable Security Certification such as CISSP, CISM or CFR (CIHE preferred)
17. Expertise in Microsoft (Server & Workstation), UNIX and Linux Operating Systems
18. Incident Handling standards, methodologies, recommendations, and best practices
19. Verifiable experience and examples of dealing with incidents in a similar role
20. Operating as part of a wider Security Operations Centre (SOC) team
21. Detailed familiarity of Cloud Technologies and how to secure them
22. In-depth knowledge of technical security solutions covering areas such as: SIEM, EDR, DLP, WAF, email security, DNS, encryption, PKI, cloud security, threat intelligence gathering, threat hunting, knowledge of MITRE framework and an understanding of the cyber ‘Kill Chain’
23. Practice all technical, functional, and operational aspects of cybersecurity incident handling and response
24. Excellent crisis management skills, working under pressure with calmness, authority and respect
25. Collect, analyse, and correlate cyber threat information originating from multiple sources
26. Communicate, present and report to relevant stakeholders
27. Manage and analyse log files
28. Be proficient in firewall rule reviews
What is it like to work at the EBRD?
Our agile and innovative approach is what makes life at the EBRD a unique experience! You will be part of a pioneering and diverse international organisation, and use your talents to make a real difference to people's lives and help shape the future of the regions we invest in.
The EBRD environment provides you with:
29. Varied, stimulating and engaging work that gives you an opportunity to interact with a wide range of experts in the financial, political, public and private sectors across the regions we invest in;
30. A working culture that embraces inclusion and celebrates diversity;
31. An environment that places sustainability, equality and digital transformation at the heart of what we do.