At Veritran, the Cyber Resilience function is a multidisciplinary team managing the traditional areas of information security, business continuity, fraud management, and organizational resilience. Because of the fast expansion of Veritran geographically and into new industries, and our Cloud proposition, this is an exciting opportunity to evolve and mature the Cyber Resilience landscape in support of our Clients in an extremely dynamic, demanding, regulated, and innovative environment in collaboration with a team of experienced professionals in Cyber Resilience.
This position will be responsible for oversight and supporting our internal IT and Client Delivery IT organizations to ensure that our technical Cyber Resilience controls are well managed in our environments. The Clients of Veritran are processing sensitive data, like financial and personal data, through the Veritran Low-Code Platform, supporting their critical business processes. Cyber Resilience is an integral critical capability for Veritran to continuously deliver services to our Clients (and their Clients) despite adverse cyber events.
Responsibilities and Activities: Maintain the Cyber Resilience Architecture providing oversight and control on the layered protection/detection and response orchestration to map/maintain Veritran's control framework to applicable technology security controls (incl. supporting processes and people), including cloud architectures. Work closely with cross-functional teams to complete Cyber Resilience activities in projects and major initiatives. Have oversight, provide guidance, and manage compliance on our technical operational IT Security and Continuity related activities including Security tooling configuration management supported by other Technology Teams or Third Parties. Collaborate with Client security and compliance teams on related topics. Support delivering content for our Client Professional Service offering, like our Cyber Resilience Client Assurance Report. Develop, recommend, evaluate, integrate, and maintain security tools and manage delegation of activities. Support threat intelligence activities and research new technologies (including AI and Machine Learning) and support enhancements/mitigation activities. Work closely with the IT, Product, and Client Delivery Teams and support defining operational processes to ensure predictable Cyber Resilience guidance; refine Information Security processes and procedures. Support the Cyber Resilience Monitoring and Alerting management. Support in delivering monitoring/report on technical cyber resilience-related KPI/KRI. Support the Vulnerability and Change Management process. Support Cyber Resilience incident management and investigations with demonstrated in-depth knowledge of network operating systems, intrusion detection systems, event logs, and event correlation. Support (Clients/Regulatory) reviews and audits and support the Risk and Compliance team in technology-related topics. Support Threat Modelling and proactively propose fine-tuning the Information Security architecture because of newly identified threats or incidents that need remedial actions. Participate in the maintenance of our certifications like ISO27001, CSA STAR level 2, PCI-DSS, Soc 2 type II, and ISO22301. Support suitable Information Security awareness, advice, training, and educational activities. Programming and scripting knowledge is a plus, e.g., Python, Ruby, PowerShell, Bash. We look for these skills and/or the ability to learn/develop the following domains: Bachelor's Degree in Computer Science or related field. 3+ years of provable experience in cybersecurity and Business Continuity technology functions (Engineering/Administration/Architecture etc.). An ability to learn quickly and adapt to new environments. Hands-on experience with potential and experience to lead and manage. A passion for (cyber) innovation and continuous spotting and implementing enhancements. Strong relationship skills to work with diverse teams. Excellent communication skills, both verbal and written. Knowledge in Cloud Architecture and Cloud Cyber Resilience Management. Knowledge in related standards, including but not limited to ISO 27001, ISO 22301, NIST Cyber Security Framework, NIST 800-53, COBIT, CSA Framework, PCI DSS, EU GDPR, SOC type I and II.
#J-18808-Ljbffr
