So do we.
Working at Erste Group means pursuing a common goal and being enthusiastic about shared values. We always treat one another with respect, empathy, and understanding for our diverse backgrounds. This applies to our customers as well as to our employees.
Threat Intelligence (Cyber/Information Security) Specialist (m/f/d)
Erste Group was founded in 1819 as the first Austrian savings bank and today it is one of the largest banking groups in Central and Eastern Europe (CEE). As an attractive employer, Erste Group offers interesting career opportunities in an international environment.
The goal of Group Security Management is to constantly support the business in bringing in new technologies and ideas and to secure the customer journey. To reach this goal, we evaluate, define and govern appropriate security controls to identify and mitigate security risks.
We are looking for people who bring the willingness to understand our business and take the responsibility to secure the digital transformation.
- Perform tactical and strategic threat assessments (STAs) as part of the regular security reporting cycle. Pursue actionable intelligence on current threats as they relate to Erste Group
- Identify relevant CTI information (Tactics, Techniques, and Procedures used by cyber threat actors) coming from monitoring teams of security operations (1LoD technical/operational)
- Determine major CTI information that has an impact on the enterprise and, as a consequence, requires an update of the security strategy/program
- Work with various intelligence collection and reporting tools and frameworks to produce CTI reports. Analyze and interpret open and closed source intelligence and data and assess potential threats
- Apply your analytic knowledge, tools, and tradecraft to provide insight, anticipatory warning, critical details, and successfully interact across multiple levels of business units of the bank
- Provide actionable insights, guidance and subject matter expertise to internal partners. Collaborate with internal teams – such as Legal, Fraud, Oprisk, Marketing and others – to ensure that any targeted threat issues encountered on Erste Group Bank AG's properties are identified and escalated appropriately
- Work with internal security teams to provide contextual visibility to ongoing investigations; may serve as an escalation point for security analysts
- Respond to requests for CTI ad-hoc reporting and research topics for management as required
- Generate security risk analyses (for technical and management audience)
- Support the update of the security compliance checking plan and contribute to the planning of (threat intelligence led) red team operations based on Erste Group Bank AG’s threat intelligence profile
- Perform security control assessments/security spot checks as a 2nd line of defense function, to verify the implementation of security controls within the EGB environment
- Proven ability to understand and explain the behaviors from criminal groups targeting financial enterprises. Ability to think like an attacker. Strong understanding of the intelligence cycle and industry models such as Kill Chain and MITRE ATT&CK framework
- Ability to quickly understand and identify relevant CTI information coming from various internal and external CTI information providers and map it to relevant business critical bank processes
- Proven ability to translate complex information sets into specific recommendations that can be actioned by business units of the bank to enhance their security posture
- Strong coordination and excellent communication and presentation skills within an international environment
- Experience in delivering intelligence-led assessments such as CBEST or TIBER is highly desirable
- Technical knowledge of current and past malware, attack methodologies, adversaries, cyber threats, defenses, motivations, techniques, methods and the intelligence lifecycle
- Knowledge of Unix shell and common scripting languages (e.g. Python)
- Experience with running and investigating systems using multiple platforms, including Linux, Windows, MacOS, Android, iOS
- Knowledge of security controls used for detection and defense (e.g. networking technologies, including firewalls, proxies, CASB, IDS/IPS)
- Knowledge of the following technologies from a security perspective is beneficial: Mobile Applications, Single-Page Applications, Representational State Transfer (REST), SAML/OAuth, Web API Gateway, Secure Coding Techniques and Strong Authentication Methods
- Knowledge of relevant standards and regulations like PSD2, PCI-DSS, NIS, RTS, ISO270xx, ITIL, COBIT, GDPR
- Certifications such as CCTIM, OSCP, OSCE, CCSAM are welcome
- Knowledge of agile security methods, team player, organizational skills (some project management education is an advantage)
- Fluent in English (German is beneficial)
- We offer you a very interesting and diversified position in a multi-cultural team and in an international and agile environment
- Amazing & challenging area of activity, development perspectives in the job, cooperation with various local and international units within the banking group in a department with interesting (team) colleagues.
- Be part of securing George and other highly innovative banking activities
- We believe in our people and foster their development and education
- A competitive and performance-related salary dependent on your professional and personal qualifications is granted – the minimum wage for this position in accordance with the respective collective agreement is EUR 38.052,– gross per year.
We are looking forward to hearing from you!
Degree of Employment: Full-Time
Primary Location: Vienna