The Role

The IT Risk Specialist role is highly technical and challenging with opportunities to be part of a team that will have a meaningful impact. The is expected to possess a adequate understanding of both cyber security and information technology and should understand concepts including computer networking, web and native application functionality, operating system functionality, cloud services, corporate network environments and operations. He should be able to learn advanced concepts such as endpoint protection evasion, covert operations, and tailored exploit development.

The role leverages previous penetration testing and Red Team experience. This may involve delivering Threat Intel-led Red Team exercises, developing social engineering test campaigns and the associated collateral, executing phishing campaigns and attempting to compromise internet-facing systems, conducting privilege escalation and lateral movement within the group’s networks, hunting for objectives with little-to-no information provided at hand and attempting to exfiltrate data from the network;  all while avoiding detection from the bank’s security operations teams. The role will require you to perform exploits at scale while remaining stealthy, identify and exploit misconfigurations in the corporate infrastructure, quickly and effectively parse data, present relevant data in a digestible manner, think well outside the bo

 Responsibilities

• Support the review and update of the technology risk management framework on an annual basis with the changes in the environment.
• Review technology policies, processes and procedures identify potential opportunities for improvement and alignment.
• Working across the technology department to analyze and better understand their risk profile.
• Review IT initiatives from technology risk perspectives and provide advisory and recommendation.
• Supervise the IT disaster recovery measures deployed across the group.
• Defining a risk and control methodology and framework to use in conducting risk assessments.
• Proactively managing risks so that there are no major incidents, breaches, or examples of non-compliance.
• Adhere to, advise, oversee, monitor and enforce enterprise frameworks and methodologies that relate to technology controls activities.
• Support the definition of the technology risk appetite statements
• Monitor Key Risk Indicators (KRIs) and report on deviation from defined technology risk appetite.
• Assist with the Technology Risk reporting operations, including scheduling key monthly meetings, monitoring key milestones, escalation of past due activities, problem triage and management.
• Increase awareness and enhance risk culture across the organization and provide day to day risk and control advise as trusted 2nd line subject matter expert.

The Ideal Candidate

• Bachelor’s degree in Computer Science, Information and Cyber Security, Technology or equivalent
• 5 years of relevant in information security or risk management, audit, information assurance preferably in Banking and Financial sector
• Must have CISA (Certified Information Systems Auditor) certification
• CISSP (Certified Information Systems Security Professional) * Added advantage
• Must have CCSP (Certified Cloud Security Professional) certification
• Other ISACA related Certification (e.g., CISM, CRISC or CGEIT) * Added advantage
• Consistently able to demonstrate or articulate value proposition
• Candidates must have hands on experience in performing risk assessments in diverse technology environments
• Good understanding of technology infrastructure, networks, and database management systems.
• Good understanding of cloud computing technologies and Microsoft Azure environment.
• Expertise in Linux machine recommended Kali and parrot.
• Familiar with various operating systems and databases
• Ability to both assess priorities and to focus on work in a structured fashion which delivers results
• Sound judgement and anticipation
• Strong integrity, independence, and resilience 
• Deliver with minimal supervision.
• Avid researcher of best practices and happenings in the global cyber space.
• Engage key stakeholders on actions required.
• Team player and contributor
• Strong problem-solving, persuasive skills and an ability to grasp abstract concepts and complex technology situations to challenge the status quo and further develop and build on our IT Risk Management Framework.
• Excellent communication skill, both verbal and written, with the ability to initiate and lead conversations with technology and business leaders and risk colleagues regarding anticipated and emerging issues.

The Role

The Cyber Risks & Red Team Specialist role is highly technical and challenging with opportunities to be part of a team that will have a meaningful impact. The is expected to possess a adequate understanding of both cyber security and information technology and should understand concepts including computer networking, web and native application functionality, operating system functionality, cloud services, corporate network environments and operations. He should be able to learn advanced concepts such as endpoint protection evasion, covert operations, and tailored exploit development.

The role leverages previous penetration testing and Red Team experience. This may involve delivering Threat Intel-led Red Team exercises, developing social engineering test campaigns and the associated collateral, executing phishing campaigns and attempting to compromise internet-facing systems, conducting privilege escalation and lateral movement within the group’s networks, hunting for objectives with little-to-no information provided at hand and attempting to exfiltrate data from the network;  all while avoiding detection from the bank’s security operations teams. The role will require you to perform exploits at scale while remaining stealthy, identify and exploit misconfigurations in the corporate infrastructure, quickly and effectively parse data, present relevant data in a digestible manner, think well outside the box.

Responsibilities

• Set-up internal second line of defense red team lab to enable targeted testing of the group’s environment as well as effective follow up of vulnerability remediations.
• Manage external red team exercises ensuring that noted risks are remediated and tracked.
• Review and propose updates to cyber risk management and information security frameworks and policies on an annual basis at a minimum.
• Enforce implementation of the cyber risk management and information security framework ensuring that key gaps and risks noted are well discussed, actioned and escalated.
• Support is ensuring the architecting and creation of secure solutions for the cloud that adhere to industry best practices through detailed risk assessments.
• Support the evaluation of security controls against the SaaS, IaaS and PaaS offerings provided.
• Support the creation and management of a new security risk management process to approve and authorize new capabilities and monitor the output of the process.
• As part of targeted risk assessments, review network architecture and artifact configurations (Firewalls, Routers, Switches, IDS, IPS) and give practical recommendations.
• Support first line IT units in coming up with baselines for implementation and in accordance with best practices these include baselines for secure coding, custom scripts and programs.
• Support in other reviews that might be allocated from time to time.
• Present findings with clarity to management and get buy-in for implementation of controls.
• Have the capability to mine forensic data for investigative and forensic if called upon.
• Support cyber forensic investigation and root cause analysis when required

Ideal Candidate

• Bachelor’s degree in Computer Science, Information and Cyber Security, Technology or equivalent
• 5 years of relevant in information security or risk management, preferably in Banking and Financial sector, with hands-on experience in penetration testing red teaming and information assurance assessments
• Minimum of CEH (Certified Ethical Hacker) certification or LPT (Licensed Penetration Tester)
• Any one ISACA related Certification (e.g. CISM, CISA, CRISC and CGEIT) * Added advantage
• CISSP (Certified Information Systems Security Professional) * Added advantage
• OSWP (Offensive Security Wireless Professional) * Added advantage
• OSEE (Open System Engineering Environment) * Added advantage
• OSCP (BEST) (Offensive Security Certified Professional) * Added advantage
• Consistently able to demonstrate or articulate value proposition
• Candidates must have demonstrated skills in penetration testing and ethical hacking having carried out:
  • Password guessing and cracking attacks.
  • Session hijacking and spoofing attacks.
  • Network traffic sniffing attacks.
  • Denial of Service attacks.
  • Exploiting buffer overflow vulnerabilities.
• Good understanding of networks and networking elements.
• Good understanding of web pages and it's technology.
• Expertise in Linux machine recommended Kali and parrot.
• Familiar with various operating systems and databases
• Red team experience
• Ability to both assess priorities and to focus on work in a structured fashion which delivers results
• Sound judgement and anticipation
• Strong integrity, independence, and resilience 

The Role

This Head of Cyber Risks & Red Team role is highly technical and challenging with opportunities to lead a team that will have a meaningful impact. The is expected to possess a deep understanding of both information security and information technology and should understand concepts including computer networking, web and native application functionality, operating system functionality, cloud services, corporate network environments and operations. He should be able to learn advanced concepts such as endpoint protection evasion, covert operations, and tailored exploit development.

The role leverages previous threat intelligence, and Red Team experience. This may involve delivering Threat Intel-led Red Team exercises, preparing a red team lab infrastructure, developing social engineering test campaigns and the associated collateral, executing phishing campaigns and attempting to compromise internet-facing systems, conducting privilege escalation and lateral movement within the group’s networks, hunting for objectives with little-to-no information provided at hand and attempting to exfiltrate data from the network;  all while avoiding detection from the bank’s security operations teams. The role will require you to perform exploits at scale while remaining stealthy, identify and exploit misconfigurations in the corporate infrastructure, quickly and effectively parse data, present relevant data in a digestible manner, think well outside the box.

At EGHL, you’ll be faced with complex problem-solving opportunities and hands-on technical opportunities on a daily basis to protect the Group’s most sensitive and valuable data through comprehensive and real-world scenario emulation, based off of the most up-to-date threat intelligence. You are expected to quickly assimilate new information, understand all the threat vectors in the group’s control environment and properly assess them. You will also be expected to create a team of red teamers and develop new skills as you progress

Responsibilities

• Responsible for the establishment of the group’s internal second line of defense red teaming capability to enable targeted testing of the group’s environment as well as effective follow up of vulnerability remediations.
• Perform red team assessments with purple team support, assumed breach assessments, ransomware readiness reviews (assessing susceptibly to modern ransomware threats), threat analysis and social-engineering assessments.
• Perform external/internal/cloud/wireless network assessments, web and mobile application testing, source code reviews, network security and IT architecture reviews.
• Define relevant key performance indicators and metrics for measuring the maturity of the Group’s security posture from red-teaming and cyber security assurance activities
• Provide both subject matter expertise and project management experience to serve as the “point person” for engagements and where required, supervise the scoping of prospective engagements by external vendors, participating in engagements from kickoff to completion.
• Interface with the relevant internal and external teams to clarify and provide support to address concerns, issues, or escalations; track and drive to closure any issues that impact the service and its value to the bank’s customers
• Develop comprehensive and accurate reports and presentations for both technical and executive audiences
• Oversee and manage implementation improvements to the group’s business processes, methodologies, tools, and client communication methods
• Provide expert experience building information, cybersecurity and it risk programs to include hands-on implementation and/or assessment of relevant controls
• Provide necessary support in investigations, cyber forensic investigation and root cause analysis when required.
• Use formal project management skills in planning, tracking, and reporting on project progress

Processes

• Provide assurance that the first line implements controls to comply with applicable laws and regulations and escalate significant policy and regulatory non-compliance matters and developments to the Group CISRO;
• Support the Testing and Assurance team, based thematic reviews, stress tests, regulatory submissions, and Internal and external audit reviews;
• Establish and maintain strong relationships with identified stakeholders and understand their strategic goals to ensure ICS alignment
• Assist with the articulation of the value of ICS controls and their bottom-line impact;
• Represent EGHL in internal and external meetings where required;

Risk Management

• Lead all red team assessments and management of ICS risks and reporting outcomes within EGHL and the individual subsidiaries;
• Highlight gaps or control weaknesses against security controls and standards, raising concerns to the CISRO and relevant forums;
• Provide recommendations and feedback based on ICS testing and assurance experience within EGHL and the subsidiaries;
• Provide input into Group wide ICS assessments, reporting, and strategies

People and Talent

• Lead through example and help to create the appropriate culture and values.
• Work in collaboration with risk and control partners.
• Work collaboratively with the CISRO Team
• Effective staff management to achieve operational objectives
• Agility to manage and balance own time among multiple tasks, and lead junior staff when required
• Uphold and reinforce the independence of the second line ICS Risk function.
• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across EGHL. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
• Effectively and collaboratively identify, escalate, mitigate, and resolve risk, conduct and compliance matters.

Key Stakeholders

• Group Chief Risk Officer and other senior Risk management teams,
• Group CISRO, Head of IT and Cyber Security, Group Directors, Group CISO and other senior management
• IT Operations risk management and cloud governance heads and teams
• Group Internal Audit and other Business stakeholders 

Ideal Candidate

• Bachelor’s degree in Computer Science, Information and Cyber Security, Technology or equivalent
• Minimum of 7 years of relevant in information security or risk management, preferably in Banking and Financial sector, with 5 years hands-on experience in penetration testing red teaming and information assurance assessments
• Minimum of at least a CISSP, CISA, CISM or CRISC (at least one) certification
• Consistently able to demonstrate or articulate value proposition
• Prior positive interaction with C-level executives or senior executive personnel
• Candidates will also have one or more of the following
  • Licensed Penetration Tester (LPT)
  • Offensive Security Certified Expert (OSCE)
  • Offensive Security Evasion Techniques and Breaching Defences (OSEP)
  • Offensive Security Advanced Windows Exploitation (OSEE)
  • SANS Penetration Testing and Ethical Hacking / Purple Team certifications
• Red team operations and purple team delivery, including adversary emulation
• Operation of common command and control solutions
• Network penetration testing and manipulation of network infrastructure
• Shell scripting or automation of simple tasks using common scripting languages
• Developing, extending, or modifying exploits, shellcode, or exploit tools
• Technical report writing and documentation of red team testing activities
• Presentation of technical details to both a technical and executive audiences
• Windows, Linux, Unix and/or Mac operating systems including bash and PowerShell
• Experience in at least four of the following
  • Email, phone, or physical social-engineering assessments
  • Reverse engineering malware, data obfuscators, or ciphers
  • Thorough understanding of network protocols, data on the wire, and covert channels
  • Threat intelligence analysis
  • System administration of corporate environments and networking
  • Systems exploitation
  • Offensive security project management
  • Source code review for control flow and security flaws
  • Strong knowledge of tools used for wireless, web application, and network security testing
  • Mobile and/or web application assessments
  • Technical incident response processes and engagements