Officer Cybersecurity Defense Center

Job Purpose

This level must possess the ability to function in a collaborative environment, seeking continuous consultation with officers/ senior officers and managers and others both internal and external to the Bank to help BSF build an effective security operations program that minimizes organizational risk and reduces the impact of security breaches.

An Officer Cybersecurity Defense Center will guide collaborate within levels of the same area as well as independently function to minimizes organizational risk and reduces the impact of security breaches.

Accountabilities

• Monitor and evaluate the effectiveness of the Bank's cybersecurity safeguards to ensure that they provide the intended level of protection.
• Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings).
• Monitor and report changes in threat dispositions, activities, tactics, capabilities, objectives, etc. as related to designated cyber operations warning problem sets.
• Monitor target networks to provide indications and warning of target communications changes or processing failures.
• Conduct analysis of log files, evidence, and other information to determine best methods for identifying the perpetrator(s) of a network intrusion.
• Provide daily summary reports of network events and activity relevant to cyber defense practices.
• Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
• Maintain situational awareness of cyber-related intelligence requirements and associated tasking.

Cybersecurity Threat Management

• Assist the SR Officer and manager in Research and analyze of publically available data to identify and understand cyber threats
• Assist SR Officer and manager in Analysis what goes beyond people and events to provide insight and to complex data and derive cyber threats
• Apply professional intelligence, scientific and technical knowledge in solving complex intelligence problems
• Assist the SR Officer and manager in Research and analysis of trends and technical developments in Cybercrime, Hactivism and Cyberespionage (advanced persistent threat, APT or Cyber spying)
• Assist the SR Officer and manager in Identifying threats and provides context and relevance to a large amount of data picking up threats to the organization
• Access the organizations exposure , set actions and actions to mitigate cyber threat

Cybersecurity Incident & Forensics

• Perform tier 1, 2, and 3 malware analysis.
• Assist Senior Team Member(s) in identifying and/or developing reverse engineering tools to enhance capabilities and detect vulnerabilities.
• Identify digital evidence for examination and analysis in such a way as to avoid unintentional alteration.
• Identify, collect, and seize documentary or physical evidence, to include digital media and logs associated with cyber intrusion incidents, investigations, and operations.
• Analyze computer-generated threats for counter intelligence or criminal activity.
• Recognize and accurately report forensic artefacts indicative of a particular operating system.
• Document and escalate incidents (including event’s history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
• Participate in the development or modification of the computer environment cybersecurity program plans and requirements
• Facilitate the sharing of “best practices” and “lessons learned” throughout the cyber operations community.

Vulnerability Management

• Lead and Perform certification and scanning services.
• Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).
• Supervise or manage protective or corrective measures when a cybersecurity incident or vulnerability is discovered.
• Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defense threat condition and determine which security issues may have an impact on the enterprise.
• Create interactive learning exercises to create an effective learning environment
• Recommend computing environment vulnerability corrections.
• Communicate new developments, breakthroughs, challenges and lessons learned to Management, and internal and external customers.
• Continuously validate the SOC against policies/guidelines/procedures/regulations/laws to ensure compliance.

• A Bachelors or Master’s degree preferably in Cybersecurity or IT / Computer Science or related discipline.
• Professional Certification(s), in related field
• 2-4 years of experience
• Reasonable knowledge of:
• New and emerging information technology (IT) and cybersecurity technologies; what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities;
• Insider Threat investigations, reporting, investigative tools and laws/regulations; hacking methodologies; emerging security issues, risks, and vulnerabilities;
• current and emerging threats/threat vectors; the common attack vectors on the network layer; different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks); cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored); cyber-attack stages (e.g., reconnaissance)