|Job Type:||Full Time|
This is a versatile position within our dedicated Tech Security team. As a Security Analyst, you will be responsible for many important facets of information security. This role is perfect for a person that is dedicated, involved, helpful and that has an open mindset.
The dedicated Security Analyst we are looking for doesn’t only rely on existing tools, systems and reports to identify security weaknesses and incidents. We are looking for that special person that can also think out of the box and get things done.
What are you going to do? You’ll ….
Investigate and respond to security queries and escalations from internal and external sources, including managing the events from detection to classification as an incident, and through to closure
Provide support for security incident management including internal violations, attacks, malware, and system outages
Perform advanced troubleshooting techniques such as packet captures and forensic analysis
Enforce Information Security policies, standards, and processes and update and maintain critical security infrastructure
Liaison with key stakeholders/senior management of the bank for new risks arising from any incident, perform escalations based on severity of issue
Perform analysis of security logs and alerts generated by SIEM to pinpoint potential points of attack and fine tuning of existing SIEM rules to reduce false positives and creation of new rules from new use cases
Provide thorough and intuitive documentation for network and security designs, configurations, and standard operating procedures
Be expert knowledge of network security related best practices and policies
What are we looking for? You’ll have…
At least 3+ years of relevant working experience in cyber security and working with Server Operating Systems (Windows / Linux), network devices, and Security Information and Event Management (SIEM)
Also has experience with firewalls, IDS/IPS, Anti-Virus, network security and security threats, vulnerability & compliance scanning tools, and Privileged Access Management
Can connect the dots when seeing security alerts, understands the big picture and the consequences
Understanding complete SOC structure, responsibility includes working on Incident Management, Incident Handling, Threat hunting, Incident response, and reporting
Expert level of knowledge and demonstrated experience of common log management suites, Security Information and Event Management (SIEM) tools for the collection and real-time analysis of security information
Deep understanding of logging mechanisms of Windows, Linux, and MAC OS platforms, networking
Good understanding and knowledge of common industry cyber security frameworks, standards and methodologies, including; MITRE ATT&CK, OWASP, ISO2700x series, PCI DSS, GLBA, EU data security and privacy acts, APRA CPS234, CIS and NIST standards.
Detailed knowledge and demonstrated experience of common cybersecurity technologies such as; IDS / IPS / HIPS, EDR, Advanced Anti-malware prevention and analysis, Firewalls, Proxies, WAF, etc.
Identify potential risks, threats, vulnerabilities and exploits through malware analysis, vulnerability scanning, threat hunting, secure code review and penetration testing.
At ING, we want to make life simpler and more worthwhile - for everyone who banks with us, for the people who work with us, and the community at large, too. When you come to work at ING, you're joining a team where individuality isn't just accepted, it's encouraged. We've built a culture that's fun, friendly and supportive - it's the kind of place where you can be yourself and make the most of whatever you have to offer.
We give people the freedom to take risks, think differently, take ownership of their work, and make great things happen. We're here to help you get ahead and with our global network, there's plenty of scope to take your career in new directions, perhaps even ones you've never considered. People of all ages, sexual orientations, cultures and backgrounds are welcome to apply - likewise if you're living with a disability, or you have family or caring responsibilities. Sound like the kind of place you'd feel at home? We'd love to hear from you.
(One last thing, ING operates a direct talent-sourcing model. So, no agency introductions, please.)