Director - Cyber Operations - FinTech

Director - Cyber Operations - Leading FinTech Bank

Reporting to CTO, you will be responsible for :

Security operations :

- Real-time analysis of immediate threats, and triage whensomething goes wrong Cyber Risk and cyber intelligence

- Keeping abreast of developing security threats, andhelping the board understand potential security problems that might arise fromacquisitions or other big business moves

- Data loss and fraud prevention : Making sure internal staff doesn't misuse or steal data

- Security architecture : Planning, buying, and rolling out security hardware and software,and making sure IT and network infrastructure is designed with best security practices in mind

- Identity and access management : Ensuring that only authorized people have access torestricted data and systems

- Program management : Keeping ahead of security needs by implementing programs orprojects that mitigate risks - regular system patches, for instance

- Investigations and forensics : Determining what went wrong in a breach, dealing withthose responsible if they're internal, and planning to avoid repeats of the same crisis

- Governance : Making sure all of the above initiatives run smoothly and get the fundingthey need and that corporate leadership understands their importance

Candidates Profile :

12+years work experience in any Bank/ Fintech/ Industry expertise with strong technical hands on experience in :

- Deep experience in information security

- Relevant ground up experience originally as a network or systems administrator or from a security provider

- Having worked and ideally led a Security Operations Centre (SOC) or worked in aforensic incident response team

- Potentially have a background in the intelligence community (specifically "SignalsIntelligence" such as GCHQ)

- Very good understanding of cloud technology from the network

- Should have worked with BFSI clients or with any of the banks

Domain Expertise : Should have strong domain expertise in Digital forensics, Investigations, Incident Response,Mobile Forensics,Risk Assessments and ISMS Audits/GAP Analysis,ISMS Lead Auditor 27001:2013, PCI DSS Audit, Implementation and Compliance,Data Protection as per EU and BS10012Data Loss Prevention Architecture, Design, Workflow and Implementation.

- Business Continuity Planning and Strategic Management RSA eGRC,Computer/Digital Forensics/Mobile Forensics, Data Recovery

- Vulnerability Assessments & Penetration Testing,Incident Response

- Secure Architecture Design/Review/Assess & Implementation for NERC-CIP/IEC-62443/ICS,Secure Architecture Design using IPAM/ TPAM for achieving 4 EYE's, SEM/SIEM SOC Design

- Deployment, Troubleshooting and Fine Tuning,Log Management and Log Analysis,Protocol Analysis etc.