IT Centre Europe (ITCE) oversees and manages the secure operations of IT applications and front-end systems used in all Bank of China (BOC) branches and representative offices located within Europe and Africa. The IT Risk and Compliance team within ITCE is primarily responsible for managing IT risks and compliance within the ITCE and EMEA institutions. As a Senior Cybersecurity Analyst, you will be responsible for managing daily security operations, including continuous threat monitoring, analysis and incident response. You will conduct risk assessments to identify potential security threats, discover vulnerabilities and weaknesses in security controls, and support the continuous improvement of security controls. You will also manage local security tools and promote new tools that strengthen the Bank’s cyber security. This is a full time permanent position.
Key responsibilities
-
Manage and operate local security devices, systems and tools in accordance with department’s policies and requirements
-
Coordinate and deliver the implementation of new security tools across the ITCE and EMEA regions
-
Conduct weekday threat monitoring shifts and participate in an on-call rota covering out-of-hours, weekends, and public holidays as and when required. Monitor, analyse, investigate, and respond to security threats and incidents, performing containment activities where required to minimise risk and support effective incident resolution
-
Participate in the security incident response process in ITCE and EMEA branches, and provide support to EMEA branches during incident response period
-
Monitor the Head Office intelligence platform, import Indicators of Compromise (IOCs) into local security tools and support EMEA branches in importing IOCs into their local security tools
-
Support the asset management process, including asset discovery, identification, registration, inventory management, and containment activities
-
Provide security training to end users
-
Prepare security operations MI data and reports for the security tools and domains
-
Organise security testing for ITCE’s infrastructure, perform security testing for EMEA branches and analyse the test findings
-
Perform vulnerability assessments and scanning activities across ITCE and EMEA branches
-
Develop cybersecurity emergency scenarios and assist to organise cybersecurity rehearsals
Requirements
-
Degree educated in Computer Science, Cybersecurity, or other relevant subject
-
Solid experience in cybersecurity operations and/or penetration testing
-
Hands-on experience with SIEM tools
-
Knowledge of IT regulations in the UK and EU
-
Knowledge of risk management, security and assurance and international standards
-
Knowledge of cybersecurity, network and wider information technology
-
Knowledge of vulnerability scanning tools
-
Excellent communication skills
-
Fluency in Mandarin is preferred
-
Team player
-
Excellent analytical and problem solving abilities
-
Attention to detail
-
Highly organised
Having a presence in the UK for more than 90 years, Bank of China London Branch has been providing an excellent financial service to the market and maintain its competitive edge as an international bank operated in the UK. It has employees in over 33 countries, and it is one of the most internationalised overseas branch in the Bank of China Group. The Bank values the diversity of its employees and aims to create an inclusive environment where everyone can speak up and enjoy the equal opportunities to grow both personally and professionally.