European Bank for Reconstruction & Development
tendersglobal.net
Company presentation
The European Bank for Reconstruction and Development was founded in 1991 when communism was crumbling in Europe and ex-Soviet countries needed support to nurture a new private sector and democracy. Today we invest to help build market economies from central Europe to central Asia and the southern and eastern Mediterranean. We are now the largest single investor in our region. Owned by 69 countries and two intergovernmental institutions, we provide project financing for banks, industries and businesses. We also work with publicly owned companies to support privatisation, restructure state-owned firms and improve municipal services. Wherever we are active, we promote policies that bolster the business climate.
Please note that not all types of contracts and advertisements are listed in cinfoPoste. Find all of them, including local positions as well as specific programmes here, while consultancies are here.
Find in-depth information on careers with EBRD and related cinfo’s support on cinfo.ch: Visit the organisation’s profile
Job description
Verify your compatibility with this job ad
The compatibility is only an indication and should not discourage you from applying if you think your profile matches. It is also not taken into consideration for recruitment.
? %
Purpose of Job
The role sits within the IT Security and Business Continuity team, (part of Cyber Security Operations) which is responsible for protecting the confidentiality, integrity, and availability of the Bank’s information assets. The focus of this role is to contribute to Vulnerability Management activities and to the continued operations of Information and Computer Technology systems. The role will be contributing to Major Incident (MI) calls where required to triage any potential cybersecurity events or threats which may impact the Bank. The IT Security VM Analyst will also support the Security Operations team in responding to ServiceNOW ticket requests as part of the ongoing Bank Security Operations tasks.
The role comes with expectation to be on-site in Canary Wharf office as required (minimum 2-3 days or 50% a week).
Accountabilities & Responsibilities
- The IT Security Vulnerability Management Analyst will have the following objectives:
- Monitor and evaluate systems’ cybersecurity state, analyse, and
- Contribute to the development, maintenance, and ongoing assessment of Vulnerability Management process, to mitigate the impact of cybersecurity vulnerabilities
- Reduce risk to the Bank through effective Vulnerability Management practices
- Identify, analyse, mitigate, and effectively communicate vulnerabilities to resolver teams
- Establish procedures for vulnerability results analysis and threat intelligence evaluations
- Adopt and develop vulnerability and pen testing and remediation techniques
- Cooperate with outsourced partners and MSSPs’ SOC teams
Knowledge, Skills, Experience & Qualifications
- Expertise in Microsoft (Server & Workstation), UNIX and Linux Operating Systems
- Educated to degree level (Computer Science or similar)
- In-depth knowledge of technical security solutions covering areas such as: SIEM, EDR, DLP, WAF, email security, DNS, encryption, PKI, cloud security, threat intelligence gathering, threat hunting, knowledge of MITRE framework and an understanding of the cyber ‘Kill Chain’
- A suitable Security Certification such as CISSP, CISM or GIAC (GEVA preferred)
- Verifiable experience and examples of assessing vulnerabilities in a similar role
- Pen testing results interpretation, tracking and efficient remediation best practices
- Relevant experience in the Financial Services sector
- Set up scanning, policies, review reports, prioritise vulnerabilities – work with the teams to remediate the vulnerabilities. Demonstrable experience of conducting security assessments and threat identification, mitigation and remediation# Working knowledge of security risk oversight, CVSS (Common Vulnerability Scoring System), CVE (Common Vulnerabilities and Exposures), and technical security vulnerability remediation/mitigation
- Practice all technical, functional and operational aspects of VM and remediation response
- Collect, analyse and correlate cyber threat information from multiple sources including pen tests, scanning tools and open source intelligence to initiate remediation activities
- Work on operating systems, servers, cloud and relevant infrastructures
- Communicate, present and report to relevant stakeholders
- Experience operating vulnerability and compliance scanning tools such as Qualys, Tenable Nessus Security Centre, Tripwire or similar
- Operating systems and computer networks security
- Computer systems vulnerabilities
Please be advised internal applicants are only eligible to apply once the probation period in your current role has been passed.
Please note that CCTs and applicants working directly for a Board office can only apply for jobs advertised via the external website.
Job Segment: Open Source, System Administrator, Bank, Banking, Linux, Technology, Finance
Right to Work in the UK: Swiss nationals (and all other non-UK employees) can work in the UK without a Visa – working at the EBRD gives all employees “exempt status”. The Bank however encourages all non-UK employees to obtain an Exempt Vignette (EV) prior to relocating to the UK, as without an EV you may face more questions at Border Control and when required to show evidence of their exempt status when renting accommodation under the Right to Rent legislation. The application process may take 3 – 4 weeks approx. outside of the UK.
This is how cinfo can support you in the application process for this specific position:
-
Application preparation: Before you apply for this position: Improve your application documents by registering for a Job Application Support. Our coaches are here to help tailor your application to the requirements of the job (service provided at your own cost).
-
Interview preparation: When invited to the interview: Prepare for the interview by registering for a Job Application Support.
-
Additional services for Swiss nationals who get invited to the selection process (written test, interview, assessment centre, etc.):
-
Let us know by writing to [email protected]. We flag matching applications to HR partners and SDC/SECO for visibility.
-
Benefit from free interview/assessment preparation by registering here: Interview and Assessment Centre Preparation for Jobs in Multilateral Organisations. Our coaches stand ready to help prepare for upcoming interview/assessment centre.
-
Map
More details
Working hours (%): 80-100%
80-100%
Type of contract: Staff (Permanent and Fixed Term)
Duration: 3 years
Macro-area: Western and Central Europe without Switzerland
Level of experience: Senior Professional, more than 5 years
Area of work Definition: Banking and Finance
Type of organisation: Multilateral Organisations
To help us track our recruitment effort, please indicate in your cover/motivation letter where (tendersglobal.net) you saw this job posting.