- Work with Security Automation and tools around it, including but not limited to AWS Lambda, RunDeck, Jenkins, Terraform, Ansible, etc
- Manage security program development, security architecture, security tools and technology
- Steer the shaping and delivering of cutting-edge service offerings using industry-leading tools
- Lead hands-on implementation processes across multiple leading-edge technologies
- Perform security design reviews with development and product teams
- Create and foster a security culture in cloud operations and development
- Test and evaluate 3 rd party security technologies and tools
- Define and implement security monitoring and response procedures
- Produce and present security reports and roadmaps for management
- Regularly assist team members with maintenance, tuning, and implementation of Web Application Firewall, Content Delivery Network & other application layer security configurations as needed.
- Understand project approach to technical deployments for critical cyber security services including Infra DDoS Protection, Application Layer Security, TLS/SSL Certificates, Web Resilience & DNS Protection.
- To work effectively under pressure to prioritize project and BAU tasks per need/criticality.
- Participate in the Security Audits and Assessments.
- To quickly grasp the network design, application/infrastructure security concepts, techniques, technologies, and tools
- Should be able to adjust and work with diverse skilled team members.
- Provide contributions as assigned to any/all departmental projects, as assigned by management.
- Creation and regular maintenance of client impacting security issues & administrative/maintenance tasks.
- Participate in planning and coordinating installations, upgrade, migration and configuration.
- To contribute developing and maintaining optimal network performance, enforcing security measures and establishing good working relationship with the senior management and clients in order to facilitate a long-term technological direction and vision.
- Take part in red-team and offensive security exercises where applicable
- Support and deliver upon assigned security projects
- Architect, deploy and maintain proactive security tools including, but not limited to: Web Application Firewalls, DDoS Protection, Bot Mitigation (web applications), API Protection and custom tools
- Participate in Security Incident On-call rotation
Responsible to deliver the Banks Secure Web Browsing Service specific process Web FilteringRegulatory & Business Conduct
- Display exemplary conduct and live by the Group s Values and Code of Conduct.
- Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
Technology Services End User Services; Core Infra Services Networks; Second Line and Third Line of DefenceOther Responsibilities:Qualifications:
- Bachelor s Degree in Computer Science, IT / Information Systems.
- Overall 6 years of combined IT and Info Security work experience with a broad range of exposure to Information Security Systems
- 4+ Years' experience in Network Security related technologies (WAF,IDS/IPS, Firewalls)
- 2+ Years' experience in Web Application Firewalls, DNS Security, DDoS Protection
- 1+ Years' experience in log correlation SIEM solutions like Splunk
- Experience with Security Automation and tools around it including but not limited to AWS Lambda, RunDeck, Jenkins, Terraform, Ansible etc