Talent.com
This job offer is not available in your country.
Infosec and Threat Assessment Manager

Infosec and Threat Assessment Manager

Emirates NBDBangalore Urban, Karnataka, India
12 days ago
Job description

COMPANY INTRODUCTION

Emirates NBD is a market leader across the MENAT (Middle East, North Africa and Türkiye) region with a presence in 13 countries, serving over 20 million customers. The Emirates NBD Group has a total of 853 branches and 4,213 ATMs / SDMs. Emirates NBD is the leading financial services brand in the UAE with a Brand value of USD 3.89 billion.

At the bank, we serve our customers and help them realise their financial objectives through a range of banking products and services including retail banking, corporate & institutional banking, Islamic banking, investment banking, private banking, asset management, global markets and treasury, and brokerage operations.

We are a key participant in the global digital banking industry, with 97% of all financial transactions and requests conducted outside of our branches. We also operate Liv, the lifestyle digital bank by Emirates NBD. With close to half a million users, it continues to be the fastest-growing digital bank in the region.

JOB PURPOSE :

The Infosec and Threat Assessment Manager will conduct testing for Emirates NBD infosec assets through focused threat based methodologies, to identify, expose and exploit vulnerabilities to improve Cyber readiness and review security controls and system configurations across IT systems across the group to ensure their security posture and compliance.

Key Responsibilities :

  • Develop, manage and maintain the Security Assessment program as part of the Threat and Compliance (TCM) Charter and associated operating procedures based on the requirements of Emirates NBD policy, audit, compliance and regulatory requirements.
  • Develop, manage and maintain Emirates NBD portfolio of security assessment services and associated service catalog.
  • Develop, maintain and manage Emirates NBD threat modelling framework and operationalize these models into the security assessment program
  • Collect open source intelligence on threats and vulnerabilities applicable to Emirates NBD technology stack
  • Participate in event planning stages to develop Cyber assessment plans and conduct assessment tests against Emirates NBD group installations & controls
  • Ensure threat controls and systems are reviewed for appropriate, effective and optimal configuration across the Group.
  • Identify and track IT risks and gaps that are remediated through operational activities or treated via risk management process.
  • Responsible for threat activity reporting and insight on the IT technology assets used by the group.
  • Managing planned and ad-hoc review and reporting requests from stakeholders across Emirates NBD Technology and business functions
  • Interact with Emirates NBD Technology leadership to ensure that assessment activities are planned, published and scheduled.
  • Organize and participate in governance forums to present threats, associated vulnerabilities and compliance posture of the information assets of the bank.
  • Act as a security ninja and advisor to internal teams to advise known methods of breaking and bypassing controls
  • Participate in “Purple Teaming” exercises with defense teams
  • Operationalizing the threat modelling framework to be utilized for the Security Assessment program
  • Manage the portfolio of security assessment services
  • Proficient in industry best practices in threat and vulnerability management, analytical and correlation tools
  • Be accountable and responsible when conducting security assessments in a controlled manner that do not cause business impacts
  • Ensure maximum accuracy of all data being generated from the assessment reports and the scope covered as part of the assessment are adequate and relevant.
  • Identify and collate appropriate threat, vulnerability and risk metrics to ensure that representation of threats and risk are appropriate to risk appetite of the bank.
  • Conduct report read-outs on observations with technical stakeholders (auditee) and work hand-in-hand with them on remediation plans.
  • Work with Emirates NBD Technology leadership to ensure that identified vulnerabilities and agreed remediation plans are accepted and work with them to ensure that these are mitigated.
  • Ensure threats and mitigation measures are correctly populated into the threat register with accurate estimated dates of compliance and threat ratings as per the group’s methodology

Key Requirements :

  • Bachelors or Master’s degree in Computer Science, Mathematics or equivalent discipline
  • Master’s Degree in Business Management or equivalent
  • Certifications such as CISSP, OSCP, OSCE, CREST
  • Certifications such as GPEN, SANS GWAPT, SABSA.
  • 3-5 years of experience with technical Cyber security
  • Experience with Bash scripting, Java, Perl, Python, Rust, R, Golang, Node.js
  • Experience with Machine Learning frameworks and code development.
  • Experience with malware scanning tools
  • Experience with mobile and digitization platforms
  • Experience with threat modeling frameworks such as STRIDE, PASTA and VAST
  • Experience with rapidly evolving platforms like Cloud, DBMS (SQL or NoSQL based), Containerization Technologies & Micro services / API based architecture
  • Strong technical background covering heterogeneous technologies and multiple security domains
  • Deep knowledge of the gaps and weaknesses of a typical heterogeneous banking environment including the toolsets required for security assessments (Technical)
  • Deep experience in depicting vulnerabilities, accurate threat assessment and mitigation recommendation.
  • Deep experience in evaluating threats as per the latest threat environment affecting the region (Asia Pacific, EMEA & North Africa) and the world
  • Deep knowledge and skills in policies, standards and required controls (both technical and compliance based)
  • Extensive experience with Security scanning solutions for use cases in the SDLC lifecycle such as SAST, IAST, DAST and the infrastructure security posture management lifecycle and can quickly use all functionality within the solutions to interact with systems, through existing content (e.g. plugins), published baselines and custom developed content
  • Integrate Open-source frameworks and solutions into the Threat and Vulnerability solution environment to enable unified reporting.
  • Threat modelling experience
  • Superior verbal & written communication skills; should be able to simply and effectively explain security observations to technical personnel and to business personnel
  • Knowledge of assessing rapidly evolving technologies like Blockchains, Web 3 Technologies, Internet of Things, AI and Machine Learning, Containers and Cloud, Virtualization technologies, Data Platforms
  • Security Ninja with Analytical Thinking ability that thinks 3-4 steps ahead of an attacker and anticipates various attack / threat vectors
  • Is transparent, accepts responsibility and takes accountability; accepts mistakes and learns from them
  • Team Player who believes in working together; listen to other’s ideas; communicate accurately and concisely
    • Create a job alert for this search

    Manager Manager • Bangalore Urban, Karnataka, India

    Related jobs
    Infosec Manager

    Infosec Manager

    SwiggyBangalore_Embassy Tech Village
    Role : Infosec Manager Ways of Working – Work from Office- Be in Office -3 days (Tuesday / Wed / Thursday) Location : Bangalore | Karnataka Year of Experience : Minimum 10 years of experience in the secur...Show moreLast updated: 17 days ago
    • Promoted
    Infosec Engineer

    Infosec Engineer

    Tata Consultancy ServicesBengaluru, Karnataka, India
    TCS has been a great pioneer in feeding the fire of Young Techies like you.We are a global leader in the technology arena and there's nothing that can stop us from growing together.Evaluate securit...Show moreLast updated: 14 days ago
    Information Security Analyst - IT Risk Compliance and Infosec

    Information Security Analyst - IT Risk Compliance and Infosec

    First AdvantageBangalore, Karnataka, IN
    Quick Apply
    The Information Security Analyst will be responsible for the development, implementation, and maintenance of the FA’s information security program. The successful candidate will have experienc...Show moreLast updated: 30+ days ago
    Infosec-Elastic Search

    Infosec-Elastic Search

    PhonepeINDIA
    PhonePe is Indias leading digital payments company with 50 crore (500 Million) registered users and 3.Million) merchants covering over 99 PERCENT of the postal codes across India.On the back of it...Show moreLast updated: 30+ days ago
    Senior Threat Researcher

    Senior Threat Researcher

    CrossTab IT ConsultingBengaluru, Karnataka, India
    Our client's Threat Research Lab is seeking a.Senior Cybersecurity Threat Researcher.This role demands a deep understanding of threat intelligence, email and URL analysis, and automation scripting ...Show moreLast updated: 12 days ago
    Meeraq - Sales Manager - Impact Assessment Solutioning

    Meeraq - Sales Manager - Impact Assessment Solutioning

    MeeraqBangalore, India
    About BlueSkyCSR BlueSkyCSR is India's only NABCB-accredited independent impact assessment body for CSR projects, recognized for its rigorous, evidence-based app...Show moreLast updated: 4 days ago
    Head of Information Security

    Head of Information Security

    Bangalore International Airport LtdBengaluru, Karnataka, India
    Kempegowda International Airport, Bengaluru (KIAB / BLR Airport), named after founder of the City – Hiriya Kempegowda – has the unique distinction of being the first Greenfield Airport in India, est...Show moreLast updated: 1 day ago
    Network Security Architect

    Network Security Architect

    Cubical Operations LLPBengaluru, Karnataka, India
    Senior Manager – Network Security.Senior Manager – Network Security.The ideal candidate should have deep technical knowledge, strong stakeholder management skills, and proven experience in securing...Show moreLast updated: 1 day ago
    Assessment Manager TISAX

    Assessment Manager TISAX

    DNVBangalore, India
    DNV is seeking Assessment manager – TISAX for our Management System Certification (MSC) service line.We prefer already qualified candidates, but we are open for candidates with sufficient backgroun...Show moreLast updated: 6 days ago
    Information Security and Compliance

    Information Security and Compliance

    Zerodha Asset Management Pvt LtdBengaluru, India
    At Zerodha fund house, we are enabling the next generation of Indian investors.We feel mutual funds as a product needs to be reimagined to build simple & relevant investment solutions for the n...Show moreLast updated: 27 days ago
    • Promoted
    Senior Program Manager - Information Security (InfoSec)

    Senior Program Manager - Information Security (InfoSec)

    RubrikBengaluru, Karnataka, India
    The Rubrik Information Technology team influences business processes, employee experience, and technologies to scale our organization to $1B+. This team creates operational efficiency across the com...Show moreLast updated: 13 days ago
    R&D Infosec Architect

    R&D Infosec Architect

    First American IndiaBangalore, Karnataka, IND
    First American (India) is a GCC (Global Capability Center) of the First American Financial Corporation (NYSE : FAF) family of companies. FAI is a proud member of the FORTUNE 500 companies and has bee...Show moreLast updated: 17 days ago
    Infosec Engineer (M&A)

    Infosec Engineer (M&A)

    Cadence Design Systems, Inc.BANGALORE
    Develop and implement comprehensive cyber security strategies aligned with industry best practices and frameworks, including NIST CSF, CIS, MITRE ATT&CK, and the Cyber Kill Chain.Provide leadership...Show moreLast updated: 17 days ago
    Assessment Accessibility Manager

    Assessment Accessibility Manager

    RecroBengaluru, Karnataka, India
    Position Title : Assessment Accessibility Manager.Location : Marathahalli , Bangalore (Hybrid).Experience Required : 4 to 7 Years. Assessment Editorial group to publish CA’s assessments.As the Assessme...Show moreLast updated: 1 day ago
    Tech Lead

    Tech Lead

    [24]7.aiBangalore, KA, IN
    Summary of essential job functions.The overall responsibility of the team is to provide assurance to the management on the Information Security, Compliance and Risk Management of the organization g...Show moreLast updated: 30+ days ago
    Staff InfoSec Risk and Compliance Analyst (GRC Specialist) [T500-15155]

    Staff InfoSec Risk and Compliance Analyst (GRC Specialist) [T500-15155]

    ANSRBengaluru, Karnataka, India
    Illumina is a leading developer, manufacturer, and marketer of life science tools and integrated systems dedicated to making genomics useful for all. Illumina’s integrated Indian global hub in Benga...Show moreLast updated: 1 day ago
    Algotale-Infosec Engineer

    Algotale-Infosec Engineer

    NexthireBangalore, India
    We are seeking an Application Security Engineer to perform vulnerability assessments and penetration testing on web integrations, web application and mobile applications.Responsibilities ...Show moreLast updated: 30+ days ago
    Risk Assessment

    Risk Assessment

    Talent WorxBengaluru, KA, IN
    Quick Apply
    Our client in India, a professional services firm, is the Indian member firm affiliated.Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulatio...Show moreLast updated: 30+ days ago