Ref. Number 21095
Position Digital Program Specialist — Cyber Security Operations [Beijing]
Minimum 5-8 years of experience
Department/Division IT Department
Job Type Global Recruitment
Location Beijing
Posting Date Oct 19, 2021
Closing Date Nov 09, 2021
ABOUT
The Asian Infrastructure Investment Bank (AIIB) was created to help foster social and economic development, create wealth, and improve infrastructure connectivity in Asia by investing in sustainable infrastructure and other productive sectors. As a new addition to the global multilateral development bank (MDB) family, AIIB works closely with other multilateral and bilateral institutions as well as the private sector to improve infrastructure by promoting regional cooperation and partnerships. AIIB has 103 members, including 20 prospective members, and has an authorized capital of USD100 billion, of which USD20 billion is paid in. AIIB is a triple-A-rated institution.
JOB PROFILE
1. The Information Technology Department (ITD) is looking for a Digital Program Specialist for cybersecurity operations.
2. They will be responsible for managing day-to-day cybersecurity operations to protect the confidentiality, integrity, and availability of AIIB information assets and ensuring that these meet AIIB compliance requirements.
3. They will be expected to conduct security threat monitoring and analysis; lead security incident response, forensics and remediation; and continually improve security operations procedures and processes.
4. The selected Specialist will work in a start-up, fast-paced, rapidly changing work environment.
5. They will have the opportunity to drive IT process design and will be exposed to cutting-edge cloud technology and a multilateral development bank’s business environment where they can hone skills in project management, communication, stakeholder management, planning, and risk management.
RESPONSIBILITIES
1. Lead a security operation center (SOC) team to execute the 24x7 operational level hands-on tasks and escalate identified cyber risks to the team leader. They will be expected to stay on call during nonworking hours.
2. Conduct security threat monitoring and analysis; detect and respond to malicious behavior on cloud systems and applications, workstations, servers, and networks; and proactively hunt for threats within the environment.
3. Coordinate cross-department incident response and forensic processes, provide timely and relevant updates to appropriate stakeholders and decision makers, and prepare incident reports and documents.
4. Assist in improving the log management and security information and event management (SIEM) solutions, including optimizing the log collection and threat detection signatures, tuning systems/tools, and developing automation scripts and correlation rules.
5. Improve and enforce guidelines for best practices in security operations; and maintain knowledge of security tactics, techniques and procedures.
6. Independently engage with domestic and overseas third-party resources, such as cybersecurity authorities, agencies, and service providers.
7. Ensure that processes comply with IT governance processes and procedures and the Bank’s audit and control requirements, and support routine regulatory and compliance audit initiatives.
8. Ensure proper maintenance of documentation regarding all security operation activities.
9. Manage vendors and perform related tasks such as procurement; contracting; developing project plans; monitoring of progress, timesheets, and budget; and managing risk, etc.
10. May perform other duties as assigned, including work in other areas to cover absences or serve as relief to equalize peak work periods or otherwise balance the workload.
|
1. Demonstrated hands-on experience in the detection, response, mitigation, and forensics of cyber threats.
2. Demonstrated cybersecurity operation experience with mainstream SIEM solutions and multiple security technologies, such as antivirus software, intrusion detection, firewalls, and content filtering.
3. Up-to-date knowledge of security protection of mainstream cloud platforms and key banking systems, such as AWS, Azure, Office 365, SAP SaaS and SWIFT.
4. Solid understanding of the cybersecurity industry, current threat landscape, and legal and regulatory requirements.
5. Effective engagement, relationship and stakeholder management skills across the business at all levels, including with senior management.
6. Knowledgeable in the ITIL processes.
7. Fluency in oral and written English is a must.
8. Minimum 5-8 years of relevant IT experience or equivalent.
9. Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP) or equivalent.
10. Master’s degree equivalent or higher in related fields from a reputable university.
AIIB is committed to diversity, transparency and inclusion. We believe our strength comes from having a team with the right diverse skills, experiences and abilities selected through a merit-based competitive process. We actively encourage applications from people from both within and outside AIIB members, regardless of nationality, religion, gender, race, disability, or sexual orientation.
Previous experience and qualifications will determine the grade and job title at which successful applicants will enter AIIB.
Join us and help create a prosperous and sustainable Asia while growing your career in a diverse and innovative environment.
|
English 
FRENCH
