← back to jobs
> job detail
S
👽Other

Insider Threat Analyst (India, Malaysia) (Bangalore, IN)

Standard Chartered · Bangalore, IN
// classified as
Other (Adjacent or hard to classify.)
posted
1d ago
location
Bangalore, IN
languages
sql
tools
databricks, hadoop
> stack
sqldatabrickshadoop
> description
<div><div style="padding:10.0px 0.0px;border:1.0px solid transparent"><div style="font-size:14.0px;word-wrap:break-word"><H2 style="font-size:1.0em;margin:0.0px"><b>Job Summary</b></H2> </div><div><p> </p> <p><span style="color:black"><strong>Ready to take the next step in your career with us? </strong> </span></p> <p> </p> <p><span style="color:black">To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.  </span></p> <p><span style="color:black">We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base. </span></p> <p> </p> <p><span style="color:black"><strong>About the team</strong> </span></p> <p><span style="color:black">The Insider Threat Defence Team (part of the Cybersecurity &amp; Anti-Crime Technology function within Technology &amp; Operations) is a relatively new team, which has started to make a big impact. The team works with stakeholders and peers across the Bank to detect, investigate and manage events which may harm the Bank or its’ assets. </span></p> <p> </p> <p><span style="color:black"><strong>About the role</strong> </span></p> <p> </p> <p><span style="color:black">We now need an <strong>Insider Threat Investigator </strong>to help us grow further. </span></p> <p><span style="color:black">In this role, you will be responsible for leading the day-to-day efforts to identify and assess insider risks, threats, and events as well as help identify control weaknesses and drive control enhancements across a wide variety of business and functions at Standard Chartered.</span></p> <p> </p> <p><span style="color:black">As a senior specialist in the team you will be involved in complex investigations and surveillance of known or suspected threats as well as escalation to relevant stakeholders and partner functions including outcome management. </span></p> <p> </p> <p><span style="color:black">The successful candidate will have <strong>3+ years in cybersecurity </strong>and <strong>experience in conducting investigations, including forensics, applying risk assessment methodologies to uncover control gaps</strong> in business processes, applications, and assets. The candidate is expected to leverage relevant tools, data and analytics to <strong>independently conduct end-to-end insider threat investigations.</strong></span></p></div></div><div style="padding:10.0px 0.0px;border:1.0px solid transparent"><div style="font-size:14.0px;word-wrap:break-word"><H2 style="font-size:1.0em;margin:0.0px"><b>Key Responsibilities</b></H2> </div><div><p> </p> <p><span style="color:black"><strong><span style="font-size:10.0pt;font-family:arial, helvetica, sans-serif">Strategy</span></strong></span></p> <p> </p> <ul> <li style="color:black"><span style="color:black">Work with the Head of Insider Threat Defence to create long-term strategies for identifying and mitigating emerging insider risks.</span></li> <li style="color:black"><span style="color:black">Identify patterns and trends in insider threat incidents to inform strategic decision-making.</span></li> <li style="color:black"><span style="color:black">Continuously monitor user activity and system logs for suspicious behaviours using insider threat detection tools.</span></li> <li style="color:black"><span style="color:black">Analyse behavioural and digital data to identify high-risk individuals or activities.</span></li> <li style="color:black"><span style="color:black">Provide actionable insights to senior leadership, including quarterly and annual reports on program effectiveness.</span></li> </ul> <p> </p> <p><span style="color:black"><strong><span style="font-size:10.0pt;font-family:arial, helvetica, sans-serif">Business</span></strong></span></p> <p> </p> <ul> <li style="color:black"><span style="color:black">Collaborate with HR, Legal, and IT teams to align insider threat policies with organizational goals and compliance requirements.</span></li> <li style="color:black"><span style="color:black">Facilitate cross-functional communication and ensure alignment on mitigation strategies.</span></li> <li style="color:black"><span style="color:black">Responsible for investigating a diverse range of insider incidents, including physical policy violations, data leaks, espionage, frauds, and theft of IP.</span></li> <li style="color:black"><span style="color:black">Gather and analyse evidence, conduct interviews, apply technical expertise to identify root cause(s) and present legally compliant, objective findings and recommendations to stakeholders at all levels. </span></li> <li style="color:black"><span style="color:black">Ensure compliance with regulatory requirements and internal policies during investigations and program development.</span></li> </ul> <p> </p></div></div><div style="padding:10.0px 0.0px;border:1.0px solid transparent"><div style="font-size:14.0px;word-wrap:break-word"><H2 style="font-size:1.0em;margin:0.0px"><b></b></H2> </div><div><p> </p> <p><span style="color:black"><strong><span style="font-size:10.0pt;font-family:arial, helvetica, sans-serif">Processes</span></strong></span></p> <p> </p> <ul> <li style="color:black"><span style="color:black">Work with internal stakeholders to perform data correlation and enrichment across multiple sources (cyber, fraud, insider, physical, external threat intelligence).</span></li> <li style="color:black"><span style="color:black">Use AI-enabled analytics capabilities, including within platforms such as Databricks, to enhance, tune and drive insider threat detection use cases, including the development of risk indicators, detection logic and actionable insights.</span></li> <li style="color:black"><span style="color:black">Responsible for logging, prioritising and managing incidents reported by stakeholders and those received by the Insider Team via various channels. </span></li> <li style="color:black"><span style="color:black">Responsible for escalation of major incidents to the relevant stakeholders, ensuring proper communication and coordination throughout the incident resolution process.  </span></li> <li style="color:black"><span style="color:black">Provide consultation on analysis of incident data to identify trends, recurring issues, and areas requiring improvement. </span></li> <li style="color:black"><span style="color:black">Consult, provide recommendations, and assist leadership in the design, implementation, and execution of solutions to achieve the objectives of the Insider Threat Team. </span></li> <li style="color:black"><span style="color:black">Consult the Head of Insider Threat in developing trends and insights based upon datasets to drive continual improvements. </span></li> <li style="color:black"><span style="color:black">Provide consultation to the Insider Team in support of creating the insider threat assessment framework, methodology, gather and report on security metrics that demonstrate the relative cost/benefit of the security operations and other cybersecurity initiatives. </span></li> </ul> <p> </p></div></div><div style="padding:10.0px 0.0px;border:1.0px solid transparent"><div style="font-size:14.0px;word-wrap:break-word"><H2 style="font-size:1.0em;margin:0.0px"><b></b></H2> </div><div><p><span style="color:black"><strong><span style="font-size:10.0pt;font-family:arial, helvetica, sans-serif">People &amp; Talent</span></strong></span></p> <p> </p> <ul> <li style="color:black"><span style="color:black">Foster a culture of excellence, mentorship, and continuous learning within the team.</span></li> <li style="color:black"><span style="color:black">Cultivate a collaborative and inclusive environment to maximize team productivity and effectiveness.</span></li> <li style="color:black"><span style="color:black">Lead through example and build the appropriate culture and values. Set appropriate tone and expectations from their team and work in collaboration with risk and control partners.</span></li> </ul> <p> </p></div></div><div style="padding:10.0px 0.0px;border:1.0px solid transparent"><div style="font-size:14.0px;word-wrap:break-word"><H2 style="font-size:1.0em;margin:0.0px"><b></b></H2> </div><div><p><span style="color:black"><strong><span style="font-size:10.0pt;font-family:arial, helvetica, sans-serif">Risk Management</span></strong></span></p> <p> </p> <ul> <li style="color:black"><span style="color:black">Create operational plans and reports for business and functions in respect of Insider Threat Risk  management.</span></li> <li style="color:black"><span style="color:black">Implement and oversee risk management protocols to minimize potential vulnerabilities.</span></li> <li style="color:black"><span style="color:black">Regularly assess the risk landscape and adapt strategies to address new and existing threats.</span></li> <li style="color:black"><span style="color:black">Conduct regular risk assessments to identify vulnerabilities and threats to the organization’s data.</span></li> <li style="color:black"><span style="color:black">Provide consultation in support of status reporting to senior management, relevant working groups and Committees. Responsible for escalation of any material blockers and impediments in a timely manner. </span></li> <li style="color:black"><span style="color:black">Develop and implement mitigation strategies to address identified risks.</span></li> <li style="color:black"><span style="color:black">Monitor and analyse security incidents to improve response strategies.</span></li> </ul> <p> </p> <p><span style="color:black"><strong><span style="font-size:10.0pt;font-family:arial, helvetica, sans-serif">Governance</span></strong></span></p> <p> </p> <p><span style="color:black">Promote an environment where compliance with internal control functions and the external regulatory framework is a central priority of the service.</span></p> <p> </p></div></div><div style="padding:10.0px 0.0px;border:1.0px solid transparent"><div style="font-size:14.0px;word-wrap:break-word"><H2 style="font-size:1.0em;margin:0.0px"><b></b></H2> </div><div><p><span style="color:black"><strong><span style="font-size:10.0pt;font-family:arial, helvetica, sans-serif">Regulatory &amp; Business Conduct</span></strong></span></p> <p> </p> <ul> <li style="color:black"><span style="color:black">Display exemplary conduct and live by the <a style="color:black" href="https://scsg.service-now.com/myhr?id=myhr_kb_article&amp;sys_id=149f09cb87eff19082bb63d83cbb354b">Group’s Values and Code of Conduct</a>.</span></li> <li style="color:black"><span style="color:black">Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.</span></li> <li style="color:black"><span style="color:black">Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.</span></li> </ul> <p> </p> <p><span style="color:black"><strong><span style="font-size:10.0pt;font-family:arial, helvetica, sans-serif">Key stakeholders</span></strong></span></p> <p> </p> <ul> <li style="color:black"><span style="color:black">Technology &amp; Operations</span></li> <li style="color:black"><span style="color:black">Information &amp; Cyber Security</span></li> <li style="color:black"><span style="color:black">Cybersecurity &amp; Anti-crime Technology</span></li> <li style="color:black"><span style="color:black">Cyber Defence Centre</span></li> <li style="color:black"><span style="color:black">Insider threat Operations</span></li> <li style="color:black"><span style="color:black">Anti-crime Analytics</span></li> <li style="color:black"><span style="color:black">Group Threat Management</span></li> <li style="color:black"><span style="color:black">Data Loss Prevention</span></li> <li style="color:black"><span style="color:black">Fusion Technologies Working groups</span></li> <li style="color:black"><span style="color:black">CISO functions</span></li> <li style="color:black"><span style="color:black">Group Investigations</span></li> </ul> <p> </p></div></div><div style="padding:10.0px 0.0px;border:1.0px solid transparent"><div style="font-size:14.0px;word-wrap:break-word"><H2 style="font-size:1.0em;margin:0.0px"><b>Skills and Experience</b></H2> </div><div><p style="color:black"> </p> <ul> <li style="color:black"><span style="color:black">Advanced proficiency in, and understanding of, <strong><span style="text-decoration:underline">SIEM tools such as Splunk</span>, </strong>including the ability to<strong> <span style="text-decoration:underline">query, analyse and interpret security event data</span></strong> to support insider threat detection and investigations. Familiarity with <span style="text-decoration:underline"><strong>UEBA solutions and data loss prevention (DLP) technologies </strong></span>is advantageous.</span></li> <li style="color:black"><span style="color:black">Working knowledge of insider threat platforms, such as <strong><span style="text-decoration:underline">Microsoft Purview Insider Risk Management,</span> </strong>including the <span style="text-decoration:underline"><strong>triage, assessment and handling of alerts </strong></span>generated by these platforms.</span></li> <li style="color:black"><span style="color:black">Familiarity with <span style="text-decoration:underline"><strong>insider threat frameworks (e.g. MITRE, CERT)</strong>,</span> and knowledge of <span style="text-decoration:underline"><strong>human-centric risk indicators.</strong></span></span></li> <li style="color:black"><span style="color:black">Ability to<span style="text-decoration:underline"> <strong>write clear reports</strong> </span>and <span style="text-decoration:underline"><strong>communicate findings to technical and non-technical audiences.</strong></span></span></li> </ul> <p style="color:black"> </p> <p style="color:black"><span style="color:black"><span style="text-decoration:underline"><strong>Technical Competency: </strong></span></span></p> <ul> <li style="color:black"><span style="color:black">Knowledge of industry best practices and frameworks such as the <span style="text-decoration:underline"><strong>NIST Cybersecurity Framework (CSF), MITRE ATT&amp;CK, etc. </strong></span></span></li> <li style="color:black"><span style="color:black"><span style="text-decoration:underline"><strong>Strong SQL skills </strong></span>are required to query, analyse and interpret large datasets for insider threat detection and investigations. </span></li> <li style="color:black"><span style="color:black"><span style="text-decoration:underline"><strong>Working knowledge of Databricks </strong></span>or similar analytics platforms is advantageous, including use of<span style="text-decoration:underline"><strong> AI-enabled analytics</strong></span> features to enhance detection logic, identify anomalies and generate actionable insights.</span></li> <li style="color:black"><span style="color:black">Ability to use tools, data, and best practices to identify, assess, and manage potential Insider events as well as advise and guide others.</span></li> <li style="color:black"><span style="color:black"><span style="text-decoration:underline"><strong>SIEMs (Splunk preferred)</strong></span>, <span style="text-decoration:underline"><strong>big data platforms (Databricks, Hadoop, etc.)</strong></span>, and<span style="text-decoration:underline"><strong> automation tools</strong></span></span></li> </ul> <p style="color:black"> </p></div></div><div style="padding:10.0px 0.0px;border:1.0px solid transparent"><div style="font-size:14.0px;word-wrap:break-word"><H2 style="font-size:1.0em;margin:0.0px"><b>Qualifications</b></H2> </div><div><p> </p> <ul> <li style="color:black"><span style="color:black">Degree or equivalent experience in <span style="text-decoration:underline"><strong>d</strong><strong>igital forensics, insider threat investigation</strong></span> or significant work history in related roles.</span></li> <li style="color:black"><span style="color:black"><span style="text-decoration:underline"><strong>3+ years of experience in cybersecurity, </strong></span>with at least <span style="text-decoration:underline"><strong>1 year focused on insider threat detection, behavioural analysis or threat hunting.</strong></span></span></li> <li style="color:black"><span style="color:black">Cyber security certifications <strong><span style="text-decoration:underline">(e.g., CISSP, CISM, etc.),</span></strong> insider threat certifications<span style="text-decoration:underline"><strong> (e.g., ITPM, GCITP, etc.), </strong></span>Incident Management, Forensics or Investigation-focused certifications will be advantageous. </span></li> </ul></div></div><div style="padding:10.0px 0.0px;border:1.0px solid transparent"><div style="font-size:14.0px;word-wrap:break-word"><H2 style="font-size:1.0em;margin:0.0px"><b>About Standard Chartered</b></H2> </div><div><p>We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.</p> <p>Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.</p> <p>Together we:</p> <ul> <li><b>Do the right thing</b> and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do</li> <li><b>Never settle,</b> continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well</li> <li><b>Are better together,</b> we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term</li> </ul></div></div><div style="padding:10.0px 0.0px;border:1.0px solid transparent"><div style="font-size:14.0px;word-wrap:break-word"><H2 style="font-size:1.0em;margin:0.0px"><b>What we offer</b></H2> </div><div><p><b>In line with our Fair Pay Charter,</b> we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.</p> <ul> <li><b>Core bank funding for retirement savings, medical and life insurance,</b> with flexible and voluntary benefits available in some locations.</li> <li><b>Time-off</b> including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.</li> <li><b>Flexible working</b> options based around home and office locations, with flexible working patterns.</li> <li><b>Proactive wellbeing support</b> through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits</li> <li><b>A continuous learning culture</b> to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.</li> <li><b>Being part of an inclusive and values driven organisation,</b> one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.</li> </ul></div></div></div>