As the Cybersecurity Specialist at Schroders, you will be part of the Information Security team, which provides thought leadership on managing information security threats and vulnerabilities to Schroders’ information assets and acts as the centre of excellence for advice and coordination.
The team comprises various SMEs in Technology Risk, Cybersecurity, Insider Security including Access and User Behaviour Management, Security Architecture and Information Risk. You will be responsible for escalations and will lead the investigation of cyber security incidents within established service levels.
When required, you will perform operational real-time monitoring and analysis of security events from multiple sources including but not limited to events from security information monitoring tools, network and host based intrusion detection systems, network infrastructure logs, system logs (Unix & Windows), applications and databases.
The Global Computer Security Incident Response Team (CSIRT) is a 24x7, follow-the-sun operation with members in key geographical locations. To address identified security incidents, you will apply the appropriate knowledge for forensic analysis, data recovery, eDiscovery, and usage of other IT investigative tools to detect/protect and remediate the threat.
To be successful in this role, you should possess the following requisites:
- Degree graduate with 5-7 years of relevant experience
- Solid and demonstrable comprehension of Cyber security including malware, emerging threats, attacks, threat intelligence and vulnerability management
- Subject matter expertise (SME) in one or multiple areas such as Windows, Unix, firewalls, intrusion detection, threat detection analysis, or computer forensics
- Experience managing the implementation of regional and global information security projects, initiatives and operational processes in concert with stakeholders and teams
- An empathetic and responsive customer service manner during the resolution of incidents
- Ability to present complex solutions and methods to a less technical audience; providing technical and non-technical thought-leadership and education of stakeholders
- Comfortable developing and presenting cyber-security awareness training to large audiences
- Enjoy problem solving: Identify, assess, track and close down regional risks
- Provide guidance to technology and business stakeholders on internal and external audit processes, representing the APAC GT practices and processes to auditors and ensuring effective and appropriate risk reporting practices are followed and controls are in place
- Ability to rapidly find, assimilate and correlate information correctly while under pressure
- Participate enthusiastically and effectively in Agile ceremonies with information security, business stakeholders and delivery teams, contributing to planning and resourcing
- Champion information security and raise awareness about its role, objectives and initiatives
- Lead and contribute to security incident management including creation and presentation of security incident reports with management
- Experience assisting the development and maintenance of tools, procedures, and documentation for the Computer Security Incident Response Team (CSIRT)
- Use forensic analysis capabilities to identify and hunt for specific threats and their impact on the organization
- Manage end-to-end vulnerability assessment and coordinate remediation with IT teams
- Strong analytical skills and the ability to resolve complex security vulnerabilities and design compensating controls
- Contribute to driving use case creation, process improvements and documentation to ensure effective usage of the Security Incident and Event Management platform
- Manage the technical policies on the various security tools, and have effective governance in place: antivirus, malicious activity protection, email infrastructure, perimeter firewalls, etc.
- Ensure all changes to firewalls, proxies, etc. are properly reviewed and approved before go-live
- Support audit and data requirements from internal and external auditors
- Support additional information security initiatives including, but not limited to, penetration tests, security tool deployment and security policy creation
- Desirable network, security or platform certification(s) include S+, N+, MCSP, CNA, SANS GIAC, GCIA, GCIH, CISSP, CISM
- Experience working with global teams across time zones and sensitive to cultures and languages
- Understanding & experience of SAFe Agile principles and Scrum/Kanban delivery methodologies
- Experience in financial services or investment management is preferred with the associated sense of urgency and complexity that this industry demands