IT Officer

<!–

Description

–>

• Implement processes to ensure quality of cyber security incident response activities and manage the evolving cyber risks.
• Monitor and support security incident detection and response activities from initial identification through resolution, ensuring accurate and timely documentation as well as case closure.
• Conduct post-incident analysis to identify trends and patterns while undertaking continuous improvement measures to improve efficiency and effectiveness.
• Monitor performance of key security service provider and ensure they meet relevant SLAs and other contractual requirements.
• Support the maintenance of tactical security response playbooks stay relevant and up to date.
• Collaborate with vendors to improve their security measures and incident response capabilities.
• Design and produce management reports and other executive reports as required.
• Stay up-to-date with the latest information security trends and threat intelligence to ensure the company’s security infrastructure aligns with industry best practices.
• Support the team in liaising with the Bank’s other cyber security, risk and control functions.

• Bachelor’s degree in Computer Science, Information Systems, Business Administration or relevant fields; Specialized experience in similar organization/s or relevant industry training, may be considered in lieu of a Bachelor’s degree.
• Minimum of 8 years of relevant professional experience, preferably in the field of information security management, incident response, technology risk management or equivalent.
• Excellent communication skills, both written and verbal in English, with the ability to effectively communicate complex security incidents to both technical, non-technical, internal or external stakeholders.
• Relevant professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Incident Handler (GCIH), or Certified Intrusion Analyst (GCIA) are strongly preferred.
• Strong knowledge of various security methodologies and processes.
• Experience monitoring and managing the performance of external vendor such as Managed Security Service Provider (MSSP) or equivalent would be an advantage.
• Insight into public sector security risks and threats particularly relevant to multilateral development banks would be an advantage.
• Experience with security analytics and incident response management platforms such as Microsoft Sentinel or equivalent would be an advantage.
• Please refer to the link for ADB Competency Framework for NS2.

<!—

<!–

–>