Cyber Security Engineer | Contract | Bank

  •  Job reference: 158997
  •  Industry: Banking and Finance

Job scope:

  • Monitor developing cybersecurity events worldwide and escalate to the L2 team if relevant events are observed.
  • Perform monitoring, risk assessments, and analysis using security tools such as anomaly detection systems, firewalls, antivirus systems, and proxy devices.
  • Follow predefined procedures to handle security alerts, including escalation to the L2 team and other support groups.
  • Execute daily ad-hoc tasks or lead small projects as needed.
  • Participate in daily and ad-hoc documentation-related tasks.
  • Create and maintain operational reports for Key Performance Indicators (KPIs), as well as weekly and monthly metrics.
  • Conduct the assessment phase of the Vulnerability and Threat Management process.
  • Receive threat intelligence from subscribed feeds and update the Threat Intelligence knowledge base.
  • Be prepared to support any security incident response investigations across the Group, regardless of location or environment.
  • Work closely with the Team Lead to review, provide feedback on, and improve the methodologies used in Security Operations.
  • Ensure all logged tickets are closed accurately and in a timely manner.
  • Submit routine reports on threats, vulnerabilities, and incidents handled by the Security Operations Center in a timely manner.
  • Keep Security Operations Center runbooks and procedures up to date.

Job requirements:

  • Bachelor’s degree in Computer Science or equivalent.
  • Over 3 years of experience in Security Operations, preferably with a focus on incident management.
  • Experience in the banking or financial services industry.
  • Familiarity with security products and network devices.
  • Extensive technical knowledge of network security practices, including Intranet, Extranet, and Internet access.
  • Hands-on experience with operating systems such as UNIX, AIX, Linux, and Windows.
  • Good understanding of TCP/IP, DNS, web technologies, wireless security architectures, and enterprise-grade security solutions.
  • Knowledge of encryption and authentication methods, including 2FA, DES/AES/RSA, digital certificates, SSL/TLS, IPSec, and DMZ architecture.
  • Proficiency in intrusion detection, deep TCP/IP analysis, cybersecurity principles, various operating systems (Windows/UNIX), and internet security technologies.
  • Ability to analyze packet-level data, manage network and host security tools (e.g., NIDS/NIPS, firewalls, HIPS, antivirus, scanners), and interpret security events.
  • Skilled in performing vulnerability assessments, managing related tools and processes, and conducting application penetration testing or forensic analysis.
  • Relevant certifications from EC-Council, GIAC, or (ISC)² (e.g., CISSP, CEH, GCIA, CCNA).
  • Performance-Oriented: Consistently strives to exceed past achievements.
  • Resilient Under Pressure: Capable of maintaining performance during critical situations.
  • Team Collaboration: Works effectively and cooperatively with peers.
  • Able to communicate clearly and effectively in discussions and meetings with team members and stakeholders.