At Veritran, the Cyber Resilience function is a multidisciplinary team managing the traditional areas of information security, business continuity, fraud management, and organizational resilience. Due to the fast expansion of Veritran geographically and into new industries, as well as our Cloud proposition, this is an exciting opportunity to evolve and mature the Cyber Resilience landscape in support of our Clients in an extremely dynamic, demanding, regulated, and innovative environment in collaboration with a team of experienced professionals in Cyber Resilience. This position will be responsible for overseeing and supporting our internal IT and Client Delivery IT organizations to ensure that our technical Cyber Resilience related controls are well managed in our environments. The Clients of Veritran process sensitive data, such as financial and personal data, through the Veritran Low-Code Platform, supporting their critical business processes. Cyber Resilience is a critical capability for Veritran to continuously deliver services to our Clients (and their Clients) despite adverse cyber events.
Responsibilities: Maintain the Cyber Resilience Architecture providing oversight and control on the layered protection/detection and response orchestration to map/maintain Veritran's control framework to applicable technology security controls (including supporting processes and people), including cloud architectures.Work closely with cross-functional teams to complete Cyber Resilience activities in projects and major initiatives.Have oversight, provide guidance, and manage compliance on our technical operational IT Security and Continuity related activities including Security tooling configuration management supported by other Technology Teams or Third Parties.Collaborate with Client security and compliance teams on related topics.Support delivering content for our Client Professional Service offering, like our Cyber Resilience Client Assurance Report.Develop, recommend, evaluate, integrate, and maintain security tools and manage delegation of activities.Support threat intelligence activities and research new technologies (including AI and Machine Learning) and support enhancements/mitigation activities.Work closely with the IT, Product, and Client Delivery Teams and support defining operational processes to ensure predictable Cyber Resilience guidance; refine Information Security processes and procedures.Support the Cyber Resilience Monitoring and Alerting management.Support in delivering monitor/report on technical cyber resilience related KPI/KRI.Support the Vulnerability and Change Management process.Support Cyber Resilience related incident management and investigations with demonstrated in-depth knowledge of networks, operating systems, intrusion detection systems, event logs, and event correlation.Support (Clients/Regulatory) reviews and audits and support the Risk and Compliance team in technology related topics.Support Threat Modelling and proactively propose fine-tuning the Information Security architecture because of newly identified threats or incidents which need remedial actions.Participate in the maintenance of our certifications like ISO27001, CSA STAR level 2, PCI-DSS, SOC 2 Type II, and ISO22301.Support suitable Information Security awareness, advice, training, and educational activities.Programming and scripting knowledge is a plus, e.g., Python, Ruby, PowerShell, Bash. Qualifications: Bachelor's Degree in Computer Science or related field.3+ years of provable experience in Cyber Security and Business Continuity technology functions (Engineering/Administration/Architecture, etc.).An ability to learn quickly and adapt to new environments.Hands-on experience with potential and experience to lead and manage.A passion for (cyber) innovation and continuously spotting and implementing enhancements.Strong relationship skills to work with diverse teams.Excellent communication skills, both verbal and written.Knowledge in Cloud Architectures and Cloud Cyber Resilience Management.Knowledge in related standards, such as but not limited to: ISO 27001, ISO22301, NIST Cyber Security Framework, NIST 800-53, COBIT, CSA Framework, PCI DSS, EU GDPR, SOC Type I and II.
#J-18808-Ljbffr
