Digital Program Specialist - Cybesecurity Operation
Ref. Number: 20093
Department: IT Division
Job Type: Global Recruitment
Posting Date: December 9, 2020
Closing Date: December 30, 2020
Digital Program Specialist— Cybersecurity Operation
The Asian Infrastructure Investment Bank (AIIB) was created to help foster social and economic development, create wealth, and improve infrastructure connectivity in Asia by investing in sustainable infrastructure and other productive sectors. As a new addition to the global multilateral development bank (MDB) family, AIIB works closely with other multilateral and bilateral institutions as well as the private sector to improve infrastructure by promoting regional cooperation and partnerships. AIIB has 103 members, including 20 prospective members, and has an authorized capital of USD100 billion, of which USD20 billion is paid in. AIIB is a triple-A-rated institution.
The Information Technology Department (ITD) is looking for a Digital Program Specialist for cybersecurity operations. They will be responsible for managing day-to-day cybersecurity operations to protect the confidentiality, integrity, and availability of AIIB information assets and meet AIIB compliance requirements. They will be expected to conduct security threat monitoring and analysis, lead security incident response, forensics and remediation, and continually improve security operations procedures and processes.
The selected Specialist will work in a start-up, fast-paced, rapidly changing work environment. They will have the opportunity to drive IT process design and will be exposed to cutting-edge cloud technology and a multilateral development bank’s business environment where they can hone skills in project management, communication, stakeholder management, planning, and risk management.
Key responsibilities include but are not limited to:
- Manage and organize internal and external resources to establish 24*7 cybersecurity operation capability.
- Lead security threat monitoring and analysis; detect and respond to malicious behavior on cloud systems and applications, workstations, servers, and networks; and proactively hunt threats within the environment.
- Conduct and coordinate cross-department incident response and forensic processes, provide timely and relevant updates to appropriate stakeholders and decision makers, and prepare incident reports and documents.
- Manage the log management and security information and event management (SIEM) solutions, optimize log collection and threat detection signatures, tune systems/tools, and develop automation scripts and correlation rules.
- Improve and enforce guidelines for best practices in security operations; and maintain knowledge of security tactics, techniques and procedures.
- Independently engage with domestic and overseas third-party resources, such as cybersecurity authorities, agencies, and service providers.
- Ensure that processes comply with IT governance processes and procedures and the Bank’s audit and control requirements, and support routine regulatory and compliance audit initiatives.
- Ensure proper maintenance of documentation regarding all security operation activities.
- Manage vendors, and perform related tasks such as procurement; contracting; development of a project plan; monitoring of progress, timesheets, and budget; and management of risk, etc.
- Identify potential project and technical risks, recommend and implement appropriate mitigation actions and escalate risks as appropriate.
- May perform other duties as assigned including work in other areas to cover absences or serve as relief to equalize peak work periods or otherwise balance the workload.
- Demonstrated strong hands-on experience in the detection, response, mitigation, and forensics of cyber threats.
- Demonstrated strong cybersecurity operation experience with mainstream SIEM solutions and multiple security technologies, such as antivirus software, intrusion detection, firewalls, and content filtering.
- Strong knowledge of security protection of mainstream cloud platforms, such as AWS, Azure, Office 365 and other SaaS.
- Solid understanding of the cybersecurity industry, current threat landscape, and legal and regulatory requirements.
- Excellent engagement, relationship and stakeholder management skills, across the business at all levels including senior management.
- Knowledgeable in ITIL processes.
- Fluency in oral and written English is a must.
- Minimum 5-8 years of relevant IT experience or equivalent.
- Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP) or equivalent.
- Master’s degree equivalent or higher in related fields from a reputable university.
AIIB is committed to diversity, transparency, and inclusion. We believe our strength comes from having a team with the right diverse skills, experiences, and abilities selected through a merit-based competitive process. We actively encourage applications from people from both within and outside AIIB members, regardless of nationality, religion, gender, race, disability, or sexual orientation.
Join in AIIB’s mission to promote sustainable infrastructure investments and to improve social and economic outcomes in Asia and beyond.
Previous experience and qualifications will determine the grade and job title at which successful applicants will enter AIIB.