Cyber Threat Intelligence Analyst/ Senior Analyst

Strategic objectives:

Support Information security strategic program milestones

Functional Objective:

Information Security Program

Technical implementation of the Information security program and set actionable plan with IT.

Establish reporting communications that support Information Security IT threat Intelligence activities

Ensure implementation of necessary information security policies, standards, procedures and guidelines.

Threat Intelligence

Responsible for implementing of threat Intelligence program in parallel with threat vulnerability management program.

Follow the procedures to align with cyber security incident handling program.

Work closely with SOC to provide all needed information for proactive monitoring.

Maintain a current understanding the threat landscape for the Banking industry and closely aligned with head of Incident handling to provide security operation centre with up to date of Indication of compromise.

Maintaining the supported technologies and follow the processes for proactive actions against Zero Day Attacks and persistence threats.

Responsible for determining enterprise Information security standards, ensuring bank is regulatory compliant with the rules for relevant bodies, enforce adherence to security practices.

Risk Identification, classification ,assessment and evaluation

Monitor information Security assessment to determine whether information systems are protected, and controlled. Collect information and review documentation to ensure that risks are identified and evaluated.

Responsible for evaluate controls for information systems ( all IT systems) during the requirements, acquisition, development and testing phases for compliance with the Information Security policies, standards, procedures and applicable external requirements ,ensure Information security risks are addressed which could lead to organization financial and reputation loss.

Evaluate the design, implementation and monitoring of system and logical security controls to verify the confidentiality, integrity and availability of information, this to ensure overall Information Security that could lead to organization financial and reputation loss if data is breached.

Maintain and Monitor the risk register to ensure that all identified risks highlighted with related accountability, Monitor existing risk to ensure that changes are identified and managed appropriately.

Maintain the risk scenarios to estimate likelihood and impact of significant risks to the Information systems, Correlate identified risks to relevant business processes to assist in identifying risk ownership.

Analyse risks, incidents and interdependencies to determine their impact on IT Systems and relative business objectives.

Review IT Security Standards and Baselines

Enable the measurement of IT Information security processes.

Monitor the information systems (IT systems) control design and implementation processes against Information Security baselines and standards to ensure it is implemented effectively and within time.

Risk and Control Monitoring

Review and monitor key risk indicators (KRIs) to monitor and communicate their status to relevant stakeholders

Identify the gap between current and desired risk levels to manage risk ,evaluate information security controls to determine whether they are appropriately and effectively mitigating the risk to defined acceptable level

Monitor and Communicate key risk indicators (KRIs) and Management activities to assist relevant stakeholders in their decision-making Process

Identify and report on risk including compliance to initiate corrective action and meet business regulatory requirements

Ensure that risk assessments, vulnerability assessments and threat analysis are conducted periodically and consistently to identify risk to the organization’s information.

Information Security Risk Response

Share the responsibility to Identify and evaluate Risk Response Options and provide IT managers with information to enable risk response decisions

Apply Risk criteria to assist in the development of the risk profile for management approvals

Assist in the development of business cases supporting the investment plan to ensure risk responses are aligned with identified business objectives