Cyber Incident Handling

• Devoteam is a leading European consultancy focused on digital strategy, technology platforms, cybersecurity and business transformation through technology. Focused on 6 areas of expertise, we address our clients' strategic challenges: Digital Business & Products, Data-driven Intelligence, Distributed Cloud, Business Automation, Cybersecurity and Sustainability achieved by Digitalisation.

Technology is in our DNA and we believe in it as a lever capable of driving change for the better, maintaining a balance that allows us to offer our clients top-level technological tools but always with the proximity and professionalism of a team that acts as a guide along the way.

Our 26 years of experience make us an innovative, consolidated and mature consulting firm that enables the development of our 10,000 people, continuously certifying our consultants in the latest technologies and having experts in: Cloud, BI, Data Analytics, Business Process Excellence, Customer Relationship Management, Cybersecurity, Digital Marketing, Machine Learning, Software Engineering and Development.

Devoteam has been awarded as Partner of the Year 2022 of the 5 cloud leaders: AWS, Google Cloud, Microsoft, Salesforce and ServiceNow.

#CreativeTechForBetterChange

Expertise to analyse, manage and investigate cyber incidents.

Handle and respond to cyber security incidents to ensure comprehensive and cohesive world class response: First triage activities, Analyze incidents and determine their impacts, Notification and Escalation of incidents according to its impacts, Participate in the containment, eradication, and recovery of major incidents, Document and keep track of every activity related with the incident response process.

Develop a post mortem analysis of systems and networks.

Manage complex cyber security incidents globally across the group. Become part of a world class capability that will own, respond and coordinate significant incidents ensuring successful resolution and adopting lessons learnt to increase the cyber resilience.

Orchestrate the necessary human and technical resources for the resolution of high impact cyber incidents.

Design and supervise an organized approach to address and manage the aftermath of a security breach or cyberattack in order to limit damage on internal systems, data, and networks and reduce recovery time and costs.

Drive continuous improvement in Santander´s cyber response capability through your involvement in the cyber readiness programme across the Global Cyber Respond Team.

Review and coordinate projects related with the development and improvement of Incident Response plans, policies, and procedures ensuring a consistent, professional and disciplined approach.

Participate in the cyber exercises programme to develop capabilities globally:

Design and execute focused development plans for entities and internal teams, addressing gaps in capability through innovative training solutions and cyber exercises, such as:

Live simulation / table top to test processes, such as critical business and technical playbooks.

Technical simulations, such as Cyber Ranges

Skills labs on the use of cyber incident orchestration tools and threat intelligence platforms.

Preparation and final QA of incident reports and minutes oriented to senior management audience.

Contribute to the establishment of a strong and collaborative Global Community between Cyber Threat Units.

Collaborate with key stakeholders within the bank, such as Global Forensics, Global Security Operations Centre, Corporate Security & Intelligence, Global Cyber Fraud, and the Secure User Experience team, among others.

Be available to participate in the incident response procedure in 24x7 basis, 8/hour shifts, and On-Call scheme.

EXPERIENCE

1+ years of experience in cyber security with a broad understanding of information security and previous experience as part of a CIRT, CSIRT or similar response team.

EDUCATION

Degree such in computer science, engineering or similar

SKILLS & KNOWLEDGE

Required

Knowledge of Incident Response and Handling methodologies – Experienced level.

Knowledge of cyber incident categories, incident response, and timelines for responses.

Knowledge of cyber defense and information security procedures and regulations.

Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).

Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

High level of English.

Recommended

Desired one or more of the following certifications (CISSP, CISA, CISM, CEH, OSCP, GCIH).

Experience in the financial/banking industry.

• • Establish Delivery Processes.
• Supervise team members performance.
• Distribute and assign the different projects and tasks.
• Monitor, control and support service delivery.
• Be accountable for the quality of Service, disponibility and performance.
• Interest in new technologies and a "liking" for the subject of reporting.