Cyber Defence

Cyber Defence

Security Logging & Monitoring Expert

Mission context Want to help shape the bank of tomorrow today?

At the bank for a changing world, our employees make change their greatest asset, turning challenges into opportunities. They think ahead to offer customers innovative solutions perfectly suited to their needs. At the country's number one bank, employees enjoy continuous career growth in a rewarding and flexible work environment.

Cyber Security department supports Information Technology and Business to enable sound and formal information security risk decision making by bank management, and to help with implementing a proper information security management system.

The purpose of the “Cyber Defence’ team is to prepare and to respond to unauthorized cyber activity. This is done by providing the following services:
Proactive - support & intelligence to help prepare and secure bank systems in anticipation of cyber-attacks where threat management ensures collection, assessment and sharing of threat information.

Reactive - triggered by a request / incident / event identified by an intrusion detection system or reported by human.

To support those services, We are looking for a Security Logging & Monitoring Product Expert to perform activities as outlined below.

**Function description Your future job**:
Expert represents both the different stakeholders and the internal client's voice by identifying their expectations, preferences and aversions, which he translates into business requirements. The Expert must ensure the perfect understanding of the products on the part of the engineering team, as well as its progress.

The expert is responsible for defining stories, prioritizing the backlog and organizing the execution of operational priorities, while maintaining the conceptual and technical integrity of the features / user stories. The expert has a significant role in quality and is empowered to judge if stories are finalized or not.

**More specifically the Security Logging & Monitoring Expert is**:
Responsible for translating the Cyber Defence vision and strategy into target operating model and processes for the Security Logging & Monitoring capabilities.

Communicate the Security Logging & Monitoring target operating model and processes effectively to key stakeholders and Cyber Defence team members.

Incorporates stakeholder input into product roadmap while effectively negotiating priorities based on value to the company.

Works day to day with stakeholders and different IT teams clarifying requirements, removing roadblocks, constantly communicating and gaining alignment around the Security Logging & Monitoring capabilities.

Ensures delivery of Security Logging & Monitoring yearly roadmap, partners with delivery teams to ensure deliverables are clear, removes barriers for Cyber Defence team members and resolves open issues/questions quickly and efficiently.

Sets the quality standard for delivery. Develops test plans and monitoring user story acceptance criteria, reviews each deliverable and provide feedback to team and improve team processes.

Leads problem resolution as needed to ensure a prompt and efficient service.

Responsible for Security Logging & Monitoring key performance indicators (KPI’s).

Language requirements Dutch Good spoken (preferable)

French Good spoken (mandatory)

English Fluent spoken & written (mandatory)

Education Master or equivalent by experience.

Required experience / knowledge

At least 5 years of experience in information security, preferably 7 years.

Technical experience Mandatory

(demonstrate general knowledge of most of the following, with deep understanding

in at least one or two areas)

Strong knowledge of IT security technology and processes (secure networking, web infrastructure, system security, SOC tooling, etc.);
**Experience with building SOC related framework**: target operating model, roles, processes.

Experience with processes in a SOC or CSIRT environment;
Experience with setting best practices quality controls over SOC process;
preferable

Knowledge of the architecture and design of the SOC environment;
Knowledge of log aggregation, SIEM solutions and Digital Analytics Platforms such as QRadar, Splunk, ArcSight, ELK, etc ;
Knowledge of Web Application Security Development. (OWASP);
Knowledge of some NIDS/NIPS or HIDS/HIPS tools.

Soft skills

Passion for Cyber Security;
Team player;
Self-starter, pro-active attitude;
Good communicator;
Good internal client facing skills;
Good analytical skills;
Autonomy, commitment and perseverance;
Attention to detail while seeing the bigger picture;
Ability to learn on-the-job and knowledge sharing;
Solid sense of integrity and identification with the mission;
Desire for continuous improvement of the Cyber Defence capabilities