Cyber Security Associate

About Us

BACB is a UK bank that offers trade finance and complementary products to clients in specialist markets, especially Africa and the Middle East.

We have been helping businesses with trade finance and complementary products for over half a century, focusing on trade flows to and from Africa and the Middle East as well as real estate in the UK.

Our in-depth knowledge of the countries and practices where our clients operate ensures that we put them first.

Additional Info

• Hybrid Working: 3 days onsite, 2 from home
• Location: City of London
• Contract Type: Permanent

Job Summary

As a key member of the newly created Cyber Security SOC, the incumbent will focus on enhancing the bank's incident response, threat intelligence ingestion and vulnerability management.

A successful candidate will play a pivotal role in ensuring the success of the Security Operations Centre (SOC), enhancing effectiveness of the cyber detection, triage, response and reporting capabilities. The role will include hands-on technical configuration improvement and analysis of cyber security tools as well as refinement of the departmental procedures, maturing these capabilities across all vectors involving the People, Process and Technology.

Key Work Outputs and Accountabilities

SOC Management:

• Lead deployment and daily operations of the SOC, including security events monitoring, detection, and response.
• Ensure adequate coverage and effective response to emerging threats and security events.

Threat Intelligence:

• Collect and analyse information from various sources to identify potential and existing cyber threats targeting the organization.
• Assess the credibility, severity, and potential impact of identified threats, providing actionable intelligence to inform security measures.
• Manage threat intelligence gathering and analysis to proactively identify risks and vulnerabilities.

Incident Response:

• Oversee incident response processes, ensuring timely and effective resolution of security incidents.
• Lead the creation of incident playbooks, ensuring these are regularly updated with any people, process or technology changes.
• Create formal incident reports and conduct post-incident reviews. Track the lessons learned implementation to improve response strategies.
• Provide threat intelligence and vulnerability management support during security incidents, helping to identify threat actors, tactics, techniques, and procedures (TTPs).

Vulnerability Assessment:

• Conduct regular vulnerability scans and assessments across the organization IT environment using tools.

Vulnerability Analysis and Remediation:

• Analyse vulnerabilities and threats, determine their potential impact, and recommend strategies for risk prevention.
• Collaborate with external threat intelligence providers to enhance the Bank's threat landscape awareness.

Security Tools Management:

• Supervise the deployment, configuration, and operation of security tools (e.g., SIEM, IDS/IPS).
• Ensure tools are optimized to detect threats while minimizing false positives.

Collaboration:

• Work closely with cross-functional teams, including incident responders and system administrators, to contain and remediate security incidents as well as vulnerabilities.

Documentation:

• Ensure that organisations vulnerability and incident management process documents are kept up to date and adequately aligned with the overarching cyber policy and risk requirements.
• Maintain detailed records of incidents and vulnerabilities, including analysis, response actions, and lessons learned, to continually improve SOC and vulnerability management processes.

Required Qualifications and Experience

Educational Background: Bachelor's degree in computer science, Information Technology, or a related field.

Experience: 3+ years of experience in vulnerability management, information security, or a related role.

Technical Proficiency: Advanced knowledge of cybersecurity tools and technologies, such as:

• Vulnerability management platforms (e.g. Tenable)
• SIEM (e.g., Splunk, QRadar, Arctic Wolf and Dark Trace)
• Threat intelligence platforms (e.g., Recorded Future, Mandiant)
• Strong understanding of cyber threat intelligence, attack vectors, and mitigation techniques.
• Firewalls, IDS/IPS, and DLP solutions
• Proficiency in incident response frameworks, such as SANS or NIST.

Certifications: Relevant certifications such as CISSP, CEH, or CompTIA Security+ are preferred.

Analytical Skills: Ability to analyse complex data sets to identify and mitigate security threats.

Communication Skills: Strong verbal and written communication skills to effectively collaborate with cross-functional teams and convey security concepts to non-technical team members.

Department Information Technology Role Associate Locations London Remote status Hybrid