Responsible for providing input to security strategy and control of systems, networks, physical infrastructure, people, and information.
Participate in the design, communication, and execution of policies/controls/procedures as appropriate for SWIFT and its customers, and as consistent with the company objectives, company reputation, and regulatory requirements.
Responsible for the prevention of Cyber Security Incidents by monitoring, detection, and analysis of potential intrusions in real-time in the production infrastructure and network.
Responsible for analyzing and responding to cyber threats which will involve the use of troubleshooting tools as well as writing scripts to aid in quick analysis to define and apply an appropriate response.
Support Incident Response and Threat Detection development activities and report to Senior Management ensuring proper awareness and ownership.
Support the introduction and implementation of new capabilities and incident response processes and procedures within the Cyber Fusion Centre.
Interact closely with SWIFT’s Red Team to further enhance detection capabilities.
Participate in incident response simulation exercises from a blue team perspective.
Perform proper triage identification and scoping of incidents identification, request, and follow-up of containment actions.
Participate in the identification, development and communication of IOCs.
Participate in the identification and coordination of eradication and remediation actions with the various stakeholders and ensure timely follow-up.
Enhance and tune tools for efficiently managing large collections of security events.
Stay abreast of changing technologies, emerging cyber threats and attack methodologies.
Provide recommendations for adaptation of technologies or policies to our Security Delivery team.
Required Qualifications:
This position requires a bachelor’s or master’s degree in computer science, computer information systems, computer applications, Cyber security, information assurance, information technology, or a combination of education and experience equating to the U.S. equivalent of a bachelor’s degree in one of the aforementioned subjects.
Ability to learn in a fast-paced, multi-dimensional, technical environment
Knowledge of intrusion detection and vulnerability assessment capabilities and tools
Familiarity with Scripting languages such as PHP, Perl, or Python and databases such as MySQL, and knowledge of Unix and Windows.
