Specialist - Cyber Threat Intelligence (UAE National)

Emirates NBD • Full-time • دبي, AE • 3d ago

COMPANY INTRODUCTION

Emirates NBD is a market leader across the MENAT (Middle East, North Africa and Türkiye) region with a presence in 13 countries, serving over 20 million customers. The Emirates NBD Group has a total of 853 branches and 4,213 ATMs / SDMs. Emirates NBD is the leading financial services brand in the UAE with a Brand value of USD 3.89 billion.

At the bank, we serve our customers and help them realise their financial objectives through a range of banking products and services including retail banking, corporate & institutional banking, Islamic banking, investment banking, private banking, asset management, global markets and treasury, and brokerage operations.

We are a key participant in the global digital banking industry, with 97% of all financial transactions and requests conducted outside of our branches. We also operate Liv, the lifestyle digital bank by Emirates NBD. With close to half a million users, it continues to be the fastest-growing digital bank in the region.

In line with the UAE Government’s strategy in empowering and developing nationals, Emirates NBD is committed to welcoming the young generation into an innovative, modern and supportive work environment to contribute to the nation's success. We are looking to find the best UAEN talent to join our ENBD family.

JOB PURPOSE

Specialist - Cyber Threat Intelligence (UAE National) is responsible for conducting cyber intelligence collection, analysis, dissemination and correlation combined with effective reporting which can be presented to senior management.

They will also act as standby resources for conducting the incident processes to ensure they are well drilled and effective. Maintain acceptable cyber hygiene levels and ensure the goals of the unit are met.

RESPONSIBILITIES

Threat Intelligence

Collect and analyze open source intelligence (OSINT)
Develop technical expertise on threat actors, attack trends, and attack tactics, techniques, and procedures (TTPs).
Draft, edit, and review threat intelligence analysis from multiple sources
Help in managing vendor relationships
Develop intelligence on, characterize, and track threat actors’ activities, ranging from tactical level capabilities to global operations
Help in producing intelligence reporting (ranging from short to longer reports) on threat and threat actor activities
Maintain current knowledge of tools and best-practices in advanced persistent threats; tools, techniques, and procedures (TTPs) of threat actors;Identify and hunt for related TTPs and Indicators of Compromise (IOCs) across all internal/external repositories
Correlate collected intelligence, to build upon a larger knowledge base of tracked threat activity
Provide both technical level intelligence briefings / presentations
IOC collection and management

Incident Management

Conduct the investigation and/or help the containment teams during an incident.
Create technical findings (investigative or otherwise) which can be presented to senior management.
Help meet SLA’s defined for Incident Management.
Prepare and provide relevant reports for identified incidents.
Prepare and maintain relevant documentation for Incident Management.
Ensure the relevant documentation is kept upto date at all times.
Proactively identify gaps and remediate them to keep observations from Auditors and Regulators to a minimum.
Help the CSIRT during security incidents.

Security Monitoring

Assist in the CyberSecurity Monitoring Operations of the Bank.
Keep upto date on the latest security threats and feed them into the Monitoring Operations to help ensure those are pro-actively detected and mitigated in the Bank.
Assist in the timely reporting of Security incidents to relevant stakeholders.
Assist in ensuring Monitoring should be continuous, covering 24/7 operations.
Assist in the preparation and maintenance of relevant documentation for CyberSecurity team.
Highlight gaps and recommend sound security practices to improve the monitoring.
Be a cost-effective solutions provider for security gaps.

Threat Hunting

Proactively and iteratively search through networks and datasets to detect advanced threats that evade automated tools.
Use both manual and machine assisted techniques to find the Tactics, Techniques and Procedures of advanced adversaries.
Trace attacker paths and detect suspicious patterns of threat actors.
Research innovative methods for making Threat Hunting more efficient and effective.
Develop processes and procedures for conducting continuous threat hunting as per industry best practices.
Collaborate to enhance the wider team’s operational/tactical intelligence products and to leverage them for targeted hunts.
Provide corrective recommendations to enhance any identified gaps in visibility and detection.

Project Management

Suggest new solutions to improve the Security Monitoring posture of the Group.
Conduct PoCs for new technologies which could help uplift the level of Security within the Group.
Run security projects end to end where necessary.

REQUIREMENTS

Candidate Profile

UAE National, with Family Book

Education

Bachelor degree in a Computer-related field such as Computer Science, Management Information System or Information Science or Mathematics
Desirable: Master’s degree in Business Administration, Information Security, Human Resource Management, Finance or International Business or Executive Education from reputed institutes like Harvard

Experience

7 years of overall Technology experience - with 3 years of it in Incident Response, Cyber Hunt, or other Technical Information Security positions.
Hands-on Python coding experience is a MUST.

Job Knowledge

Knowledge of current adversary techniques, vulnerability disclosures, data breach incidents, and security analysis techniques.
Experience in analyzing, gathering intelligence on, developing, and documenting threat group activities.
Experience in analyzing malware / offensive tools and threat actor tactics, techniques, and procedures to characterize threat actors’ technical methods for accomplishing their objectives or missions.
Demonstrated understanding of remediation and counter measures for challenging information security threats.
Moderate to advanced technical experience in network communication protocols
Conducting forensic analysis on and data captures from networks / packet capture, hosts (volatile/live memory), electronic media, log data, and network devices in support of intrusion analysis or enterprise level information security operations
Expert understanding of a company’s business processes, technology and information systems.
Must have knowledge on application and infrastructure security threats and mitigating measures
Deep knowledge on all aspects of Information Security concepts from broad range of technical and non- technical areas.
Ability to understand regulatory requirements and process efficiency frameworks
Ability to understand the details of ground level security issues, and its management
Ability to monitor and enforce improvements, when necessary, in line with regulatory requirements or best practices
Good knowledge of risk management frameworks and how to identify, manage and mitigate risk
Ability to create and review security policies, standards, procedures and hardening baselines

Skills

Cyber Threat intelligence technologies (Threat Intelligence Platforms (TIPS), malware analysis platforms, Maltego, etc.)
Familiarity with investigative tools and techniques such as host and network based analysis tools, forensic tools (Encase, Paraben, etc.), volatile memory analysis techniques.
Multiple operating systems, such as Windows, Linux/Unix, and Mac/OSX
Scripting (Shell/Python/R/etc.) / Programming in support of data analysis
Big Data analysis experience (Hadoop/Tableau/MongoDB/etc.)
Good hands-on experience with infrastructure technologies that involve perimeter protection, core protection and end-point protection/detection
Penetration testing experience is desirable. Must be able to understand and mitigate security issues that relate to applications.

Professional Certifications (Desirable)

GCTI, GCFA, GNFA, GREM, GCIH, GCFA, OCSP

WHAT WE OFFER YOU:

Competitive salary package
Market-leading bonus structure
Strong emphasis on work/life balance
Generous annual leave entitlement and Private Healthcare
World-class Learning & Development platform and career development
Preferential banking facilities for employees`

WHY JOIN US?

We aspire to be an employee’s employer of choice. We believe, we can help you realize your true potential by providing the right opportunities. At ENBD we are reimagining the future of work so that you can unlock your potential, every day we want to ensure, every employee can exceed in the future of work by upskilling, building new digital skills and knowledge. Our goal is to empower our employees to build a career experiences and skills they need in the future and that will produce a great outcome for our bank as well, we want our employees no matter their background, location, preferences to feel engaged to one ENBD team.

We encourage interested candidates to review the key responsibilities and qualifications for each role and apply for any positions that match their skills and capabilities. ENBD is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment, however due to high volume of applicants, only SHORTLISTED candidates will be contacted.

Apply