Posted By

Priyanka

Senior Analyst at Scalene Works

Last Login: 09 May 2024

Job Views: 229
Applications:  39
Recruiter’s Activity:  0

Posted in

IT & Systems

Job Code

1272737

Assistant Vice President/Lead - Security Incident Management - BFSI

8 - 18 Years. Delhi NCR
Posted 11 months ago

Short Description for Internal Candidates :

Develop and run an end-to-end program for managing the security incident life-cycle. This role will join SBI Card's internal Information & Cyber Security Incident Response Team, working as the lead of Incident Analysts for managing all kinds of Information Security Incidents, including Information Governance & Security, and getting routine investigation, forensics, eDiscovery etc. done in association with the in-house team and service partners.

Description for Internal Candidates :

Job Description :

- Develop and run an end-to-end program for managing the security incident life-cycle

- This role will join SBI Card's internal Information & Cyber Security Incident Response Team, working as the lead of Incident Analysts for managing all kinds of Information Security Incidents, including Information Governance & Security, and getting routine investigation, forensics, eDiscovery etc. done in association with the in-house team and service partners.

A. Manage overall Incident Management program including monitoring, review, triage, assessing impact, diagnostic and data collection, troubleshooting and remediation, interacting with requestors etc.

B. Lead the implementation and sustenance of security incident response plan and associated playbooks for all security related incidents

C. Responsible for overseeing SBIC incident response tools and processes, covering proactive planning and prevention, as well as reactive detection and remediation.

D. Record and classify received Incidents and undertake an immediate effort in order to restore a service/reach resolution stage as quickly as possible

E. Report incidents to the regulator (RBI) as per the mandate

F. Develop and manage metrics and reporting on the effectiveness of the security incident response program which includes reports to leadership

G. Identify trends in security incident response and regulatory requirements for the necessary changes in the program

H. Work with multiple internal and external stakeholders to drive triage, analysis, containment, and eradication of the incidents and provide leadership in high risk incidents

I. Participate in various internal and external audits in context of security incident response program

J. Drive continuous improvements in people, process, and technology as it relates to the efficiency and effectiveness of the security incident response program

K. Develop processes and procedures for the Security Operation Center, including developing roles and responsibilities, and communicate them to and train various IT and business stakeholders.

L. Monitoring, responding, reporting, compliance with SLAs and managing security incidents related to IT systems covered under security programs like SIEM, DLP, Anti-Phishing Brand and Dark-Web Monitoring.

M. Liaise with all the IT/Business/Vendor stakeholders to ensure effective program execution.

N. Assess Security Incidents and lay down strategies to reduce the likelihood of future occurrences

O. Identify opportunities and continuously improve/mature the program

Skill Required :

1. Strong technical background in a large enterprise, with solid experience to effectively manage security incidents, respond to threats and assess risk.

2. In-depth knowledge of security concepts such as cyber-attacks, threat vectors, best practices, risk and incident management etc.

3. Good analytical, documentation, communication, problem-solving and interpersonal skills

4. Information security experience, with a very strong technical background and significant security Incident response experience

5. Good understanding of Security Terminology i.e. Network Security, Vulnerability, Anti-Virus, Virus/Trojans/Spam/Attack Pattern

6. Strong understanding of configuration and security controls of various information technology and security infrastructure components deployed on prem and cloud.

7. Experience in handling various types of incidents like phishing, denial of service, malware, and unauthorized access etc.

8. Good understanding of Security Information and Event Management (SIEM), Data Loss Prevention (DLP) and security incident response workflow management technologies.

9. Good understanding of related BFSI regulations and its relevance to security incident management

10. Prior working experience in a similar role and leading a team of 24-7 Operations

11. Process management experience with incident response and SIEM.

12. Experience with and confidence to develop and socialize security operations playbooks across infrastructure and applications teams in IT.

13. Ability to effectively articulate true risk - avoiding tendencies toward fear, uncertainty, and doubt - and the priority of potential remediations.

14. Organizational skills to track opportunities / problems and remediation / actions; proven analytical and problem solving ability while being cool under pressure and diplomatic.

Required Experience : 8+ years overall experience and 5-7 years of directly related experience in Information Security Threat /Incident Management.

Must Have Qualification :

A. Bachelor's Degree or advanced course in Computer Science or Information Security related areas

B. Strong understanding of security incident management lifecycle including CERT/SIRT and/or MITRE ATT&CK framework

C. At least one industry-standard certification such as CEH, CHFI, GIAC etc.

D. Experience managing service providers/supplier relationships & Team management

Measure of Success/Expected Outcome from Role/Personnel :

A. Develop, Run & Maintain end-to-end Security Incident Management Program as per defined policy & regulatory requirement

B. Incidents are reported to regulator (RBI) within the mandated timelines

C. Incidents are responded to & closed within agreed SLA/KPI

D. No NC on Internal/external audit on Incident Management Process & Program

E. Continual improvements in Security Incident Management processes/procedures and increase in maturity of Security Incident Management operating model

F. Effective root cause analysis and remediation for identified security incidents.
