Advanced Cyber Defense Manager

We are looking for an Advanced Cyber Defense Manager for an international banking group based in Madrid, Spain. The person will manage and develop the cybersecurity operations, Cyber Intelligence, Security Monitoring, Security Incident Response Teams and Threat Modelling, as well as managing the security supporting the CISO in the identification, monitoring, governance, reporting and control of Information Security Risks from a strategic, operational and technical perspective to aid the achievement of the group’s business objectives in an effective and efficient way.

Duties and responsibilities:

• The Advanced Cyber Defense Director will be responsible for the areas that make up Advanced Cyber Defence:
• Threat Modelling: Take the responsibilities of the conceptual modelling of the attack surface, the new assets and appliances and also the definition of the design of new case of use and the full use-case lifecycle management.
• Security Monitoring & analytics: is in charge of ensuring that the necessary, accessible and usable data is available at the necessary time (timely) to support the activities of the rest of the ACD areas (particularly Incident Response).
• Cyber Threat Intelligence: CTI provides information to strength the organization’s security posture by empowering stakeholders with an informed perspective on how cyber threats are relevant to their areas of responsibility. The activities involved include the information acquisition from different sources and sharing communities, the intelligence strategy, and the processing & analysis to generate different intelligence products
• Security Incident Response & Threat hunting: is the process by which the Group monitors, detects and responds to security events. This includes security alerts, triggered by preconfigured alerts on monitoring systems. When a new security incident occurs, the IR team handles it. The activities carried out encompass from the containment and eradication of the incident, to the recovery and generation of lessons learned. The creation of new playbooks are also part of the incident response process
• Identify Information Security risks and determine the controls, processes, governance, methodologies and technical architectures, services and tools needed to avoid or mitigate these risks.
• Provide support to security policy and control development; ensuring that both are aligned to industry best practice and regulatory requirements.
• Liaise regularly with Group CISOs to discuss the institutions risk posture taking into account different components such as internal findings, loss events, etc., including the management and reporting on KPIs and KRIs for information security.
• Coordinate internal and external audit finding remediation activities.
• Actively participate in the recruitment of information security team. Guide and mentor the team and take responsibility for their training and development.
• Provide the management and monitoring of the Unit programmes and budget.
• Own the assurance and relationships with industry partners, contractors, consultants and suppliers in the information security space.