We are seeking an experienced Cyber Security Engineer to support security operations within a commercial banking environment. The role focuses on security monitoring, incident response, threat detection, vulnerability management, and compliance with regulatory standards.
Key Requirements
- Bachelor's degree in Cybersecurity, Information Technology, or a related discipline
- 4 to 10 years of experience in Security Operations, SOC, or equivalent roles
- Strong hands-on experience with SIEM platforms (e.g. Splunk)
- Solid knowledge of Windows and Linux systems, including Active Directory environments
- Good understanding of network security concepts such as firewalls, IDS/IPS, VPNs
- Familiarity with endpoint security and identity and access management (IAM) solutions
- Basic scripting skills (e.g. Python, PowerShell) are advantageous
Security Knowledge
- Threat landscapes and common attack vectors
- Security frameworks and industry standards
- Incident response lifecycle and methodologies
- Vulnerability assessment and remediation processes
Soft Skills
- Strong analytical and problem-solving abilities
- Effective communication and stakeholder-engagement skills
- Ability to perform under pressure, particularly during security incidents
- High attention to detail with strong documentation capabilities
Preferred Qualifications
- Relevant certifications such as CompTIA Security+, CEH, GIAC, or CISSP
- Experience working in regulated industries, particularly financial services
- Exposure to audit, risk, and compliance activities
Key Responsibilities
Security Monitoring & Incident Response
- Monitor and analyze security events from SIEM, EDR, and other security tools
- Investigate, triage, and respond to incidents such as malware infections, phishing attempts, and unauthorized access
- Conduct root cause analysis and recommend corrective and preventive actions
- Escalate incidents appropriately based on impact and severity
Threat Detection & Analysis
- Perform detailed log analysis across servers, endpoints, network devices, and applications
- Identify suspicious activities and anomalies using correlation rules and use cases
- Support and participate in threat hunting initiatives to uncover hidden risks
Security Tools & Platforms
- Manage and optimize security tools including SIEM, EDR, IAM, and vulnerability scanners
- Tune detection rules to improve accuracy and reduce false positives
- Assist in onboarding and integrating new security technologies
Vulnerability & Risk Management
- Conduct regular vulnerability scans and track remediation progress
- Collaborate with system owners to address identified risks
- Support risk assessments, including exceptions for legacy systems
Compliance & Governance
- Ensure systems adhere to security policies, standards, and baseline configurations
- Support internal and external audits through evidence collection and documentation
- Assist with ongoing compliance with frameworks such as ISO 27001, MAS TRM, and NIST
Configuration & Change Monitoring
- Monitor critical system and configuration changes
- Validate compliance with security hardening baselines
- Identify, document, and report configuration deviations
Reporting & Documentation
- Prepare incident reports, dashboards, and security metrics
- Maintain security playbooks, procedures, and detection use cases
- Provide regular updates to stakeholders on the organization's security posture