Purple Team Engineering & Automation Sr. Manager
Standard Chartered Bank
Warsaw, Poland
6 d. temu

The Role Responsibilities

We are leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.

To us, good performance is about much more than turning a profit. It’s about showing how you embody our valued behaviours do the right thing, better together and never settle as well as our brand promise. Here for good.

We are committed to promoting equality in the workplace and creating and inclusive and flexible culture one where everyone can realise their full potential and make a positive contribution to our organisation.

This in turn helps us to provide better support to our broad client base.

Purple Team is a function designed to enhance the Bank’s ability to respond to cyber threats as well as bridge between the attack and defence teams.

We continuously leverage cyber threat intelligence to conduct adversary emulations, collaborate with defence teams as well as attack red’ team, to maximize their respective and combined effectiveness.

We are passionate about our work, we have various and different adversary simulations experience, we are focused on the needs of our stakeholders.

The Purple Team Engineering & Automation Analyst is a permanent role that requires knowledge and experience in engineering and automation, networking as well as basis of adversary simulations.

You will support Purple Team operations. Among other your priority will be to help building & maturing the Breach and Attack Simulation capability from the ground up to scale up the traditional offensive security program.

Once the attack simulation platform is deployed, you will provide engineering and automation support to Purple Team Operations in designing custom simulations that will assure the SCB ability to detect, prevent, and respond to sophisticated adversaries.

Additionally, you will support Purple Team operational activities streamlining the supporting processes, leveraging the available toolset to support book of work, maintain and developing R&D environment.

Strategy

The role is responsible for :

  • Implementing web services, libraries and tools in Python, in order to automate the security engagements, run by the Purple Team;
  • Collaborate with the Purple Team Operations team to build new UIs and flows for security analysis and automation;
  • Provide engineering and automation support for Purple Team Operations workflows and Breach and Attack Simulation tooling;
  • Maintain and develop R&D environment.
  • Business

  • Provide Purple Team and Blue Team with detailed solutions for technical issues;
  • Engaging closely with experts from Blue Team throughout the testing cycle;
  • Processes

  • Contribution in the execution of Purple Team exercises (emulation of Tactics, Techniques and Procedures);
  • Automating metrics and reports;
  • Contribution to Purple Team tooling development;
  • People and Talent

  • Develop and maintain an expert knowledge within the team of technology and industry trends in relation to business requirements and the Bank;
  • Actively participate in team’s lessons learned or experience sharing sessions;
  • Continuous development and conducting research on security engineering;
  • Risk Management

  • Ensure that all the risk management controls (project and infrastructure level) are in place and effective to ensure testing is conducted in a controlled manner, any business impact is kept within risk appetite;
  • Provide relevant planning documents (long term program, project backlog and project level documentation) information flows and protocols are in place documenting Purple Team activities;
  • Governance

  • Ensure compliance with relevant operational risk controls;
  • Knowledge, experience sharing, alignment with blue, red team, business and technology;
  • Regulatory & Business Conduct

  • Display exemplary conduct and live by the Group’s Values and Code of Conduct.
  • Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank.
  • This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.

  • Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
  • Key Stakeholders

  • Group Cyber Security Services team.
  • Group Security Technology Services team.
  • Group CISO team.
  • Required :

  • Eager to shift from the current IT oriented area into adversary simulations
  • Basic understanding of adversary simulations
  • Strong network, automation, scripting skills
  • Analytical and open mindset
  • Experience with infrastructure scripting solutions such as PowerShell and Python
  • Experience in automating and orchestrating tasks with tools such as : Ansible, Chef, Puppet, Terraform, Jenkins
  • Experience administering and deploying tools such as : GITLAB, Artifactory, Confluence, JIRA,
  • Technical and troubleshooting skills with broad knowledge of Windows and Linux operating system environments, networking, server administration and virtualization
  • Familiarity with agile software development
  • Self-starting, organized, proactive, and requiring minimal management oversight;
  • BSc or higher in Computer Science, IT, IS, or equivalent area of technical study
  • Desired

  • Building and / or maintaining network infrastructure (linux servers, network services, C2).
  • Experience with adversarial attack tools, tactics and techniques
  • Familiarity with cloud infrastructure deployments (AWS, EKS)
  • Familiar with cloud concepts and practical deployment / maintenance skills.
  • Good hands on experience and skills :

  • Experience in working with cross-border and multicultural teams operating in different time zones
  • Fundamental skills of Task prioritization, Time management, Customer focus;
  • Detailed oriented, Strong deductive reasoning, critical thinking and problem-solving skills;
  • Agility to effectively address new challenges
  • Good oral / written communication skills for articulating thoughts clearly with stakeholders
  • Zgłoś tę pracę
    checkmark

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Aplikuj
    Mój adres email
    Klikając przycisk "Kontynuuj", wyrażam zgodę neuvoo na przetwarzanie moich danych i wysyłanie powiadomień e-mailem, zgodnie z zasadami przedstawionymi przez neuvoo. W każdej chwili mogę wycofać moją zgodę lub zrezygnować z subskrypcji.
    Kontynuuj
    Formularz wniosku