Associate IT Officer

As an Associate IT Officer (Technical Security), you will enhance ADB’s security detection and response capabilities by developing, implementing, and improving cyber threat detection mechanisms. You will help understand the evolving threat landscape, identifying opportunities for improvement in existing detections, and establishing new detection protocols to ensure comprehensive coverage.

In the broader context, your role is important for safeguarding ADB’s digital infrastructure against cyber threats, thereby ensuring the security and resilience of its operations. You will work with multiple teams, including security operations, incident response, and threat intelligence, to foster a collaborative and agile environment that is responsive to emerging threats.

You will

• Design and implement effective and comprehensive detection logic, ensuring that detection mechanisms are robust, thoroughly tested, and maintain high integrity.
• Collaborate with operational cybersecurity teams to ensure that alerts and response playbooks are clear, accessible, and actionable.
• Prioritize the needs of incident responders and operational teams, focusing on delivering relevant, valuable detections and practical response steps.
• Support cybersecurity incident management and participate in threat-hunting activities.
• Work with other security teams to drive automation and standardization initiatives aimed at enhancing efficiency and response capabilities.
• Communicate with system vendors to identify solutions to system problems, explore capabilities of software under development, and maintains current knowledge of technology, ensuring up-to-date knowledge of network and computer operating systems trends and developments; and
• Prepares guidelines, briefings, documentation and metrics relating to harmful software.

Qualifications:

• Bachelor’s degree in computer science, engineering, technology, or any related field, preferably with advanced training.
• At least 5 years of work experience
• Proficiency in developing queries for robust threat detection using languages such as KQL (Microsoft) or SPL (Splunk)
• Working knowledge of Endpoint Detection and Response (EDR) capabilities
• Understanding of Windows or Linux operating system fundamentals
• Ability to work independently and collaboratively within a team
• Familiarity with modern attacker tactics, techniques, and procedures (TTPs)
• Broad understanding of security concepts and interest in cybersecurity
• Knowledge of cloud infrastructure, cloud security, and cloud APIs
• Familiarity with attacker tools and evasion techniques
• Proficiency in at least one major programming or scripting language (e.g., Python, PowerShell)
• Experience in developing detections as code and translating threat intelligence into actionable detection logic
• Understanding of Active Directory threats
• Written and verbal proficiency in English

Source: https://www.adb.org/careers/250071