This team is responsible to control/manage/operate all network security devices (firewalls, IDS, IPS, proxy, NAC, etc.) for the bank. The open role is specific for the SEM team (Service Enablement and Metrics). SEM team is the "check and balance" of our organization, covering Risk and Audit Controls, Inventory Management, Vendor and Finance Management, Metrics and Reporting, Service Level Management).
This area is responsible to make sure operations, engineering and even team managers are following the agreed processes, but also to propose more efficient ways of working, engage with external stakeholders (such as auditors, SVM - Sourcing and Vendor Management, CISO, IT Risk, etc.).
Service Enabling & Metrics team, as a part of Network Security & PAS team is a global function responsible for ensuring consistency across SEM in delivering efficiencies, improvements, and operational performance. The team is responsible for:
- Analysis of NetSec key work drivers to identify opportunities for improvement.
- Oversight and support managing SEM team workload to improve stakeholders' response time.
- Instilling a culture of continuous improvement throughout the organization.
- Support all ITIL processes.
- Reduce costs throughout our global organization by driving efficiency and consistency.
NetSec team went through an insourcing in 2020. Overall team comprehend about 120 people across the globe. Main locations are Zurich, London, New York, Warsaw, Pune, Raleigh. SEM team is formed by 8 employees, being 5 in Raleigh and 3 in Warsaw. We have a very diverse team, culturally inclusive and that works together very smoothly. Teams comes mainly from other IT areas (compute, end user support, IT processes, etc), but with very different backgrounds which helps create our unique personality.
- Lead NetSec SEM functions in various aspects of daily job, adhering to best delivery standards and guiding team members to achieve common goals.
- Measurement and Reporting (Develop KPIs / KRIs that complies with the NIST control requirements as well as build better understanding of our services and capabilities on different levels
- Develop key indicators that showcase the coverage of service performance to senior management
- Develop key indicators that showcase effectiveness of services on technical level
- Collaborate with Capability owners, data providers, CISO teams, operational teams to drive reporting requirements, develop dashboards, populate accurate data on regular basis
- Oversight and analyse KPIs/KRIs trends, highlight deviations proactively, oversight remediation of gaps.
- Ensure data is accurately populated for all existing metrics on regular basis within agreed deadlines.
- Drive dashboard creation for all services providing management and technical view in conjunction with capability/service owners.
- Drive reporting automation wherever possible.
- Inventory activities (Data Quality, Lifecycle Management, IT Hygiene initiatives, etc.)
- Interact proactively with various internal stakeholders to drive, support, oversight and follow-up on actions, responses, requirements on day-to-day basis to ensure full coverage of inventory management goals.
- Ensure no gaps exist in data quality, data attestations, effective management of various IT hygiene initiatives including end-of-life and other critical initiatives
- Work in collaboration with other domain SEMs, central POC, IT owners, capability owners on regular basis to ensure all goals are met and all processes are followed in timely manner.
- Establish governance and drive consistency for on going initiatives to ensure highest level of compliance and coverage.
- As a part of global working groups, deliver/execute quality assurance standards.
- Good understanding of network and security products and services.
- Present key deliverables to stake holders through various meetings.
- Based on analysis identify repetitive issues, service improvement possibilities and automation opportunities. Measure impact upon successful delivery.
- Develop a solid network of internal contacts with self-promotion and positive exposure.
- Participate in projects and initiatives run within organization
Who we're looking for?
- Very good English communication (verbal and written)
- Deep knowledge and understanding of IT inventory processes and controls - experience needed
- Good understanding of NIST controls and related metrics (KPIs and KRIs) - experience needed
- Good understanding of ITIL processes
- Understanding of network and network security concepts and main services and products
- 8-10 years of work experience
- Professional education based on a Master or Bachelor's degree in computer technology/data analytics. Familiarity with security standards (e.g., PCI DSS, NIST, ISO27002:2013) is a plus.
- Extensive analytical capabilities (strong situational analysis) and attention to detail.
- Ability to establish and maintain efficient working relationships with other IT teams that support components of all Network Security services.
- Confident Presentation skills - ability to present to business clients and stakeholders.
- Written communication - you must be able to produce clear, understandable, and unambiguous documentation and emails.
- Detailed understanding of the how the ownership/support responsibilities are organized.
- Self-motivated and have the capacity to work under pressure, generate own workloads, manage time effectively, set priorities and meet deadlines.
- Ability to learn new business situations and technology quickly, work independently, manage small and complicated tasks as well as long term projects whilst managing time effectively.
- Ability to indirectly manage resources under the assigned SEM functions.
- ITIL v3 foundation or working ITIL understanding is a plus.
- Knowledge of Tableau Reporting tool and Splunk is a plus.
- Hands on experience with excel macros and knowledge of scripting for reporting automation is a plus.