Incident Response Lead - OakNorth
Bengaluru, Karnataka, India

Listing Description

With offices in London, New York, Singapore, Istanbul, Gurgaon, Bangalore and Shanghai, OakNorth’s mission is to enable growth businesses to obtain the debt finance they need to pursue their ambitions. Our platform, which we developed to address this problem, is being used by several leading banks around the world, and by us in the UK via our own balance sheet lending.

OakNorth was set up in 2015 by Rishi Khosla and Joel Perlman, who previously co-founded Copal Amba and grew it to 3,000 employees over 12 years, before selling it to Moody’s (NYSE: MCO) in 2014, returning 125 times capital to seed investors.

Since its inception, OakNorth has secured over $1bn from several investors, including: Clermont Group, Coltrane, EDBI of Singapore, GIC, Indiabulls, NIBC, Toscafund, and SoftBank’s Vision Fund.

In the UK, the platform has helped us build a profitable loan book of over $4bn and secure over $600m of repayments. In terms of the impact this has had on the economy, our loans have directly helped with the creation of 10,000 new homes and 13,000 new jobs in the UK, as well as adding several billion pounds to the economy. Globally, the platform has been deployed at various banks across North America, Europe, and Asia.

Today, the global team is made up of 550 people.

An exciting opportunity with the OakNorth Cyber Security team has just opened, offering candidates a unique opportunity to contribute to the ambitious challenge to become a force for change in information security. We are actively seeking an Incident Response Lead to provide direction during incident detection, analysis, isolation, and recovery. As a rapid-growth organisation, we need someone to oversee continuous growth of our security posture in response to targeted attacks and sophisticated adversaries.

The ideal candidate will demonstrate a driven approach to maturing incident response operations, maintain a highly technical skillset, and communicate response actions to a diverse array of audiences. As a leader in OakNorth security operations, applicants should be comfortable providing direction and ownership during incident investigations and digital forensics. A successful Incident Response Lead needs to be able to challenge assumptions, relentlessly pursue a root cause, and drive development of security posture and culture across the organisation.

Preferred Qualifications:

Familiarity with risk profiles specific to banking and fintech organisations, including emerging threats, classes of attack, and ongoing campaigns.

Proficiency with security operations and intelligence tooling, such as next-generation SIEMs, reverse engineering tools, firewall management, endpoint detection and response, and ticket management platforms.

Experience coordinating war rooms and other incident management techniques in alignment with NIST guidelines.

Ability to derive actionable measures to enhance security controls from pattern analysis in both local events and the threat landscape.

Experience with utilising application programming interfaces to retrieve and store information, manipulate data formats, and facilitate tool communication.

One or more of the following certifications: SANS GCIH, SANS GCIA, SANS GREM, SANS GNFA, CISSP, or similar.

Minimal Qualifications:

Developed understanding of networking and security principles, including TCP/IP, attacker methodologies, exploit development, cryptography, and malicious code.

Expertise in tools, techniques, and procedures consistent with both routine cybercriminals and advanced adversary attacks using the cyber kill chain.

Aptitude with programming/scripting (C, Java, Python, x86 asm, Perl, Go, Ruby, PowerShell, etc.) to resolve outstanding information security puzzles and challenges. At least one known programming language should be fully object oriented.

Understanding of fundamental computer science algorithms, concepts, and applications.

Knowledge of all security fundamentals, how they apply in real world situations, and how to gauge control effectiveness.

Excellent communication skills, particularly written communication, and a desire to bridge communication gaps between team members, the team and management, and with the larger security community.

Provide strategic direction and ownership for Incident Response, coordinating with both internal and third-party resources to drive investigations.

Collaborate within a global team to mature incident handling processes, develop threat detection analytics, and provide detailed analyses of complex events.

Introduce mentorship and guidance for more junior contributors to security operations, while meeting project-oriented objectives.

Own the incident handling process from identification to recovery, focusing on high-quality and exhaustive deliverables.

Continuously research and assess emerging threats, coordinating with threat intelligence resources to implement detection in alignment with MITRE ATT&CK.

Explore emerging cyber capabilities through research of next-generation analytics, machine learning techniques, and graphical relationship models.

Support forensic investigations, including internal inquiries and during malicious code research.

Develop and enhance a next-generation SIEM platform to correlate incidents in real-time, and drive automation of routine processes.


Listing Details

  • Citizenship: Other Citizenship
  • Incentives: Not Provided
  • Education: No Requirements
  • Travel: Travel 25
  • Telework: Optional Telecommute


