Asian Infrastructure Investment Bank (AIIB)

Digital Program Specialist (Cybersecurity Operations)

Asian Infrastructure Investment Bank (AIIB)

Job Description

Ref. Number: 21042 Department: IT Division Job Type: Global Recruitment Posting Date: April 14, 2021 Closing Date: May 5, 2021 Digital Program Specialist— Cybersecurity Operation The Asian Infrastructure Investment Bank (AIIB) is a multilateral development bank whose mission is financing the Infrastructure for Tomorrow—infrastructure with sustainability at its core. We began operations in Beijing in January 2016 and have since grown to 103 approved members worldwide. We are capitalized up to USD100 billion and Triple-A-rated by the major international credit rating agencies. Working with partners, AIIB meets clients’ needs by unlocking new capital and investing in infrastructure that is green, technology-enabled and promotes regional connectivity.

The Information Technology Department (ITD) is looking for a Digital Program Specialist for cybersecurity operations. They will be responsible for managing day-to-day cybersecurity operations to protect the confidentiality, integrity, and availability of AIIB information assets and meet AIIB compliance requirements. They will be expected to conduct Security Threat monitoring and Analysis, lead security incident response, forensics, and remediation, and continually improve procedures and processes for security operations.

The selected Specialist will work in a start-up, fast-paced, rapidly changing work environment. They will have the opportunity to drive IT process Design and will be exposed to cutting-edge cloud technology and a multilateral development bank’s business environment where they can hone skills in project management, communication, stakeholder management, planning, and risk management.

Responsibilities:

  • Execute all day-to-day operational level hands-on tasks, escalate identified cyber risks to the team leader, stay on-call during nonworking hours.
  • Conduct security threat monitoring and analysis; detect and respond to malicious behavior on cloud systems and applications, workstations, servers, and networks; and proactively hunt for threats within the environment.
  • Coordinate cross-department incident response and forensic processes, provide timely and relevant updates to appropriate stakeholders and decision-makers, and prepare incident reports and documents.
  • Assist in improving log management and security information and Event Management (SIEM) solutions, including optimizing the log collection and threat detection signatures, tuning systems/tools, and developing automation scripts and correlation rules.
  • Improve and enforce guidelines for best practices in security operations; and maintain knowledge of security tactics, techniques and procedures.
  • Independently engage with domestic and overseas third-party resources, such as cybersecurity authorities, agencies, and service providers.
  • Ensure that processes comply with IT governance processes and procedures and the Bank’s audit and control requirements, and support routine regulatory and compliance audit initiatives.
  • Ensure proper maintenance of documentation regarding all security operation activities.
  • Manage vendors, and perform related tasks such as procurement; contracting; development of a project plan; monitoring of progress, timesheets, and budget; and management of risk, etc.
  • Perform other duties as assigned including work in other areas to cover absences or serve as a relief to equalize peak work periods or otherwise balance the workload.
Candidate Requirements:

  • Demonstrated strong hands-on experience in the detection, response, mitigation, and forensics of cyber threats.
  • Demonstrated strong cybersecurity operation experience with mainstream SIEM solutions and multiple security technologies, such as antivirus software, intrusion detection, firewalls, and content filtering.
  • Demonstrated up-to-date knowledge of security protection of mainstream cloud platforms and key Banking systems, such as AWS, Azure, Office 365, SAP SaaS and SWIFT.
  • Solid understanding of the cybersecurity industry, current threat landscape, and legal and regulatory requirements.
  • Effective engagement, relationship and stakeholder management skills across the business at all levels including senior management.
  • Knowledgeable in ITIL processes.
  • Fluency in oral and written English is a must.
  • Minimum 5-8 years of relevant IT experience or equivalent.
  • Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP) or equivalent.
  • Master’s degree equivalent or higher in related fields from a reputable university.
AIIB is committed to diversity, transparency, and inclusion. We believe our strength comes from having a team with the right diverse skills, experiences, and abilities selected through a merit-based competitive process. We actively encourage applications from people from both within and outside AIIB members, regardless of nationality, religion, gender, race, disability, or sexual orientation.

Join in AIIB’s mission to promote sustainable infrastructure investments and to improve social and economic outcomes in Asia and beyond.

Previous experience and qualifications will determine the grade and job title at which successful applicants will enter AIIB.

Apply Now