Cyber Control Analyst

Organization: At CommBank, we never lose sight of the role we play in other people’s financial wellbeing. Our focus is to help people and businesses move forward, to progress. To make the right financial decisions and achieve their dreams, targets and aspirations. Regardless of where you work within our organisation, your initiative, talent, ideas and energy all contribute to the impact that we can make with our work. Together we can achieve great things.

Job Title: Cyber Control Analyst

Location: Bangalore

Business & Team:

The Technology business unit is responsible for the world leading application of technology and operations across every aspect of CommBank, from innovative product platforms for our customers to essential tools within our business. We also use technology to drive efficient and timely processing, an essential component of great customer service.

CommBank is recognised as leading the industry in IT and operations with its world-class platforms and processes, agile IT infrastructure, and innovation in everything from payments to internet banking and mobile apps

Cyber Security protects the Bank and our customers from theft, losses and risk events, through effective and proactive management of cyber security, privacy and operational risk.

We provide services that enable the measurement and management of operational, technology and security risks in an efficient and effective manner.

We are accountable for the successful delivery of the Bank’s multi-year cyber security program and the enactment of the Bank’s next generation Cyber Security Centre.

The Group Cyber Identity and Protection Management team proactively designs, metricizes, governs and reports on Group cyber security controls to ensure:

That we have cyber secure networks, applications, and systems That we are training our people to protect against cyber attack That we transparently report on control status and incrementally drive improvement

Impact & contribution

The Data Protection team safeguards the bank and its customers from data theft, data losses and risk events through effective management and governance of operational risks and proactive data protection controls. The Control Response Analyst - will be supporting the Data Classification and Data Loss Prevention control.

The contributions of this role will help to drive control governance and ensuring it is applied consistently across the Group.

Roles & Responsibilities

• Detect, respond and coordinate response for alerts while capturing essential details and artefacts within specified timeframe using the Groups case management systems.
• Maintain response documentation, participate in response team huddles and provide insights and reporting where relevant.
• Use data driven insights to optimise DLP monitoring/detection.
• Reporting on adherence to handling requirements/guidelines ie. correct repositories for storage of Unstructured Sensitive Data.
• Guidance for Classification and handling requirements to adhere to Policies and procedures.
• Escalate applicable alerts to other accountable functions within the Group (such as Cyber Defence Operations, Data Breach, Group Investigations, Control Governance, etc).
• Identify and record gaps in visibility and security posture through the course of investigations as per defined Standard Operating Procedures.
• Provide response feedback and actionable intelligence reports from internal and external sources to support the development of the control.
• Contribute to the Continual Service Improvement (CSI) of the teams’ monitoring operations through proactive analysis, engagement and collaboration with your team.
• Provide input as a subject matter expert into projects and initiatives where required.
• Undertake any other tasks assigned by your manager that you have the capability to perform safely in line with relevant internal Bank policies and external regulatory requirements.
• Proactively manage risk, internal, and external audit obligations and responsibilities, in line with the Groups operational risk management framework
• Support the regular reporting of important control metrics to key stakeholders and Risk groups.
• Demonstrate Group values as part of delivering your responsibilities.
• Adhere to the Code of Conduct . The Code of Conduct sets the standards of behaviours, actions and decisions we expect from our people.

Essential Skills :

• Experience :- 4 + Years
• Risk Mindset – All CommBank employees are expected to proactively identify and understand, openly discuss and act on current and future risks.
• Have experience in working with large volumes of data and are proficient in MS Excel
• An understanding or experience of machine learning
• Knowledge of enterprise systems, infrastructure and security controls.
• Ability to document and explain technical details clearly and concisely for different audiences.
• Prior experience in security operations or cyber control operations.

Education Qualification :-

• Bachelor’s degree or Master’s degree in Engineering in Computer Science/Information Technology