Digital Program Specialist - Cyber Security Engineering

The Asian Infrastructure Investment Bank (AIIB) is a multilateral development bank whose mission is financing the Infrastructure for Tomorrow-infrastructure with sustainability at its core. We began operations in Beijing in January 2016 and have since grown to 105 approved members worldwide. We are capitalized at USD100 billion and Triple-A-rated by the major international credit rating agencies. Collaborating with partners, AIIB meets clients' needs by unlocking new capital and investing in infrastructure that is green, technology-enabled and promotes regional connectivity.

The Information Technology Department (ITD) is looking for a Digital Program Specialist for cybersecurity engineering. The cybersecurity function is the first line of defense to protect the Bank against cyber-attacks on AIIB’s entire digital landscape and to prevent the Bank from suffering financial losses and reputational damage.

The Digital Program Specialist will be an experienced and vigilant cybersecurity engineer whose responsibilities include Planning, Designing, Deployment, and Tuning cybersecurity products and technologies that provide security capabilities across the Bank. They should have an excellent understanding of cybersecurity standards and frameworks, extensive knowledge of how cybercriminals work, and the determination never to let them in.

The Digital Program Specialist will help keep cybercrime at bay, using their expertise and engineering skills to keep enhancing the Bank's cybersecurity infrastructures and systems. They should be passionate about providing high-standard cybersecurity services, have extensive knowledge of both external and insider threats, and have the determination to minimize cyber risks. They will create and manage technologies to safeguard AIIB's information and systems from cyber threats based on AIIB’s security practices and industry-accepted frameworks and following AIIB’s policies and legal requirements.

Responsibilities include but are not limited to:

• Plan, design, deploy, test, fine-tune and integrate, as well as manage product features and capabilities of cybersecurity technologies to protect information and prevent unauthorized access and attack towards AIIB IT environment.
• Partner with Security Operation Center (SOC) and other IT function teams to ensure effective and efficient design and functionality of cybersecurity solutions.
• Manage cybersecurity product vendors ensuring prompt delivery of quality services, features, capabilities, bug fixes, etc. by developing and managing operational and quality metrics.
• Continuously review the maturity and maintain the roadmap of cybersecurity solutions to lead the development of sound cyber protection capabilities.
• Contribute domain expertise to the development, implementation and updating of cybersecurity framework, policies, standards, guidelines, baselines, processes and procedures.
• Prepare regular cybersecurity reports and assessments as required by Management.
• Ensure that any actions to address gaps or weaknesses are appropriately assigned and completed in a timely manner to maintain cybersecurity, supporting audits, and control testing on cybersecurity. 
• Serve as the domain expert for cybersecurity prevention, response, and recovery.

Requirements:

• Minimum 5 years of direct experience of building and configuring cybersecurity technologies, including but not limited to SIEM, Anti-Malware, Firewall/IPS/UTM, Vulnerability Scanner, Endpoint Detection & Response, User and Entity Behavior Analytics, Web Application Firewall, Threat Intelligence, Honeypot, and other cybersecurity tools;
• Hands-on experience of developing and validating security baseline configurations for operating systems, databases, web servers, and networking equipment;
• Strong technical analysis and problem-solving skills; experience of DevOps toolsets would be an advantage;
• Demonstrated successful cyber security use case management and optimization with relevant security tools;
• Demonstrated experience of security tools integration and orchestration for hybrid environment; Cloud environment working experience of Azure and AWS would be an advantage;
• Demonstrated solid knowledge of information security principles, practices and regulations, including knowledge of International Security Frameworks and Standards, such as NIST Cyber Security Framework, MITRE ATT&CK, CIS, ISO/IEC 27000 Series and COBIT;
• Excellent engagement, relationship, project and stakeholder management skills;
• Results-oriented, with a meticulous eye for detail, with the ability to multi-task and prioritize multiple deadlines in a fast-paced environment;
• Security industry certifications such as CISSP, CISM, CISA, CRISC would be an advantage;
• Excellent team player to create a positive, professional, and fun working environment;
• Active learner with the learning by sharing attitude;
• Fluency in oral and written English is a must;
• Master's Degree preferred in Computer Science, Engineering, Risk Management, Cyber Security, or a related field.

AIIB is committed to diversity, transparency and inclusion. We believe our strength comes from having a team with the right diverse skills, experiences and abilities selected through a merit-based competitive process. We actively encourage applications from people from both within and outside AIIB members, regardless of nationality, religion, gender, race, disability or sexual orientation.

Previous experience and qualifications will determine the grade and job title at which successful applicants will enter AIIB.

Join us and help create a prosperous and sustainable Asia while growing your career in a diverse and innovative environment.