Cybersecurity Operations Support Consultant

Beijing

Organization: AIIB - Asian Infrastructure Investment Bank
Location: Beijing
Grade: Consultancy - Consultant - Contractors Agreement
Occupational Groups:
- Operations and Administrations
- Information Technology and Computer Science
- Security and Safety
Closing Date: Closed

Application close date

04/22/2024

1. Project Background

The Asian Infrastructure Investment Bank (AIIB) is a multilateral development bank whose mission is financing Infrastructure for Tomorrow - infrastructure with sustainability at its core. With the continuous growth of AIIB, the number of bank personnel is increasing, and more business applications are developed and deployed, higher cybersecurity maturity and compliance are required. As a result, we need to have a cybersecurity operations program with more advanced technologies integrated to meet the requirements. This program will also ensure the bank's digital workspace be more resilient to the modern threat landscape from more dispersed work force and advanced technologies leveraged by threat actors.

2. Objectives of the Assignment

The qualified Cybersecurity Operations Support Consultant will help lead some of the initiatives in AIIB cybersecurity operations program, work as a member of the cybersecurity operations team to participate the security event monitoring and incident management. As a successful candidate, the consultant will also help conduct system engineering tasks for AIIB's evolving cyber technology stacks and processes.

3. Scope of Services

1. Cybersecurity Operations Support 1.1. Establish and maintain the cybersecurity verification tools to continuously identify the vulnerabilities, assess the impact and manage the remediation to reduce the cybersecurity exposure according to AIIB requirements. 1.2. Use AIIB’s cybersecurity systems to analyze and detect cyber security threats or breaches, such as malware infection, phishing emails, APT attacks, etc. 1.3. Regularly review the security logs generated by AIIB’s application systems (like the Office 365, SAP) to identify abnormal events, such as risky logins, unauthorized access. 1.4. Collect and analyze external cyber threat intelligence, assess the impact on AIIB and propose proper response plans. 1.5. Participate in the incident handling process, provide technical assistance, collaborate with other teams, and communicate with users to support the whole lifecycle of AIIB cyber incident management. 1.6. Perform other related duties as assigned. 2. Cybersecurity Project Management Support: 2.1. Coordinate internal resources and third parties/vendors for the successful execution of cybersecurity projects, such as Vulnerability Management, Extended Detection and Response, Security Information and Event Management, Security Orchestration, Automation and Response, Data Leakage Prevention, Cloud Security Posture Management etc. 2.2. Ensure that all cybersecurity projects are delivered on-time, within scope and within budget. 2.3. Assist in the definition of project scope and objectives, involving all relevant stakeholders and ensuring technical feasibility. 2.4. Develop a detailed project plan to monitor and track progress. 2.5. Manage changes to the project scope, project schedule and project costs using appropriate verification techniques and skills. 2.6. Measure project performance using appropriate tools and techniques. 2.7. Report and escalate to management as needed. 2.8. Manage the relationship with the internal clients and all stakeholders. 2.9. Create and maintain comprehensive project documentation. 3. Cybersecurity Engineering Support 3.1. Conduct the proof-of-concept exercises with the input from technology assessment and business requirements, and convert the result into action plan for the cybersecurity operations team. 3.2. Research and report the security tooling from both commercial and open-source products. 3.3. Create and maintain cybersecurity lab with the hybrid cloud security testing capability. 3.4. Perform other related duties as assigned.

4. Consultancy Output / Deliverables

• Cybersecurity system technology design, implementation, and support documentation. • Project delivered with all the required project management documentation. • Security monitoring and incident response evidence collection and documentation. • System security testing and remediation documentation. • Documentation on security lab and security initiatives.

5. Implementation Arrangement

N/A

6. Support to the Consultant by the Bank

N/A

7. Knowledge Transfer and Training

N/A

Qualification Requirement

• Knowledge of security protection for digital workspace, hybrid cloud and business applications such Microsoft 365, Azure, AWS, VMware, SAP, etc. • Knowledge of security and monitoring products such as firewall, EDR, IDS/IPS, Sandbox, Anti-Malware, SIEM, CSPM, DLP, etc. • Familiar with popular operating systems such as Windows, Linux, macOS, etc. • Familiar with popular programming languages such as Python, Go, JavaScript, Power Shell, Unix Shell, SQL etc. as well as the low-code development platforms. • Bachelor’s degree or higher in Computer Science, Information Technology, Computer Programming, Information Security, etc. Equivalent combination of education and experience is acceptable. • At least two (2) years’ experience in cyber security engineering or security operations. • At least two (2) years’ IT project management experience. • One of the following certifications preferred. - Project Management Professional (PMP), Scrum Master - Information Security certification such as CISSP, CISA, CISM, CEH etc. - Security certification from vendors such as Microsoft, Amazon, Fortinet, IBM, etc. • Result driven with the focus to the details and passion for cyber security. • Excellent problem-solving and analytical skills, with the ability to quickly identify security issues and propose security solutions. • Self-starter with the ability to work both independently and as a team player. • Must be able to brainstorm with technical and non-technical personnel, thrive in a collaborative team environment, and quickly adapt to change. • Must be able to write thorough, concise, and user-friendly documentation in English. • Strong interpersonal communication skills in English, both verbal and written. • High degree of diplomacy, integrity, and tact.

This vacancy is now closed.
However, we have found similar vacancies for you: