Application close date

05/16/2026

Title

Cybersecurity Event Monitoring and Incident Response Consultant

1. Project Background

The Asian Infrastructure Investment Bank (AIIB) is a multilateral development bank with a mission to improve social and economic outcomes in Asia. As the Bank grows and many business applications go live, more and more cybersecurity monitoring and defense systems have been deployed to safeguard the Bank's business applications and operations. Alerts and signals generated by monitoring systems or reported by end users need to be triaged and further analyzed to confirm whether they are actual threats and attacks against the Bank. Therefore, in addition to AIIB's own resources, it will be greatly beneficial to involve external professionals to support and execute real-time monitoring, triage, and incident investigation. This is daily operational work and may involve work outside regular working hours.

2. Objectives of the Assignment

The qualified Cybersecurity Event Monitoring and Incident Response Consultant will focus primarily on daily real-time monitoring and analysis of cybersecurity alerts/signals from multiple sources, be the first point of contact for cybersecurity incidents, and be responsible for incident investigation and response activities, including conducting forensic analysis (Tier 3 Analyst). The consultant will play a crucial role in strengthening the Bank's cybersecurity posture and ensuring the protection of the digital workplace and business applications.

3. Scope of Services

1. Cybersecurity Operations:
- Perform daily real-time monitoring, review and analysis of cybersecurity alerts/signals from multiple sources.
- Triage security incidents including social engineering attacks, malware, hacking, unauthorized access, data breach, business email compromise etc.
- Ensure incident documentation and handling is completed accurately within the case management system.
- Refine current use cases implemented on the security stack to reduce/minimize false positives.
- Create and maintain corresponding cybersecurity incident handling books.
- Support the improvement of related cybersecurity operations technologies.

2. Digital Forensics and Incident Response:
- Act as a first point of contact for cybersecurity incidents escalated by the Managed Security Services vendor and take end-to-end responsibility for incident investigation and response activities.
- Conduct forensic analysis to determine cause and extent of breach (where applicable).
- Work together with various IT and business stakeholders to restore business operations efficiently and with minimal impact.
- Recommend remediation/recovery plans.
- Prepare timely, detailed and accurate incident report updates.

3. Reporting:
- Participate in the development, editing and reviewing of various IT Security reports such as weekly and monthly security reports, business supporting reports, regular cybersecurity reports, threat alerts etc.
- Provide post-incident reports for management and stakeholders encompassing easy-to-understand details on risk and impact, containment, remediation and threat actors etc.

4. Other agreed cybersecurity related assignment:
- Perform other duties and responsibilities as assigned or required.

4. Consultancy Output / Deliverables

- Daily hands-on cybersecurity operation service delivery
- Cybersecurity monitoring daily records, weekly and monthly reports
- Cybersecurity incident reports and forensics reports where applicable
- Up-to-date SIEM use cases
- Up-to-date Cybersecurity incident handling books
- Project delivered with all the required project management documentation.
- Other agreed cybersecurity related deliverables.

5. Implementation Arrangement

Perform related duties as assigned

6. Support to the Consultant by the Bank

Laptop, Network

7. Knowledge Transfer and Training

n/a

Qualification Requirement

- Proven domain expertise in cyber defense with intensive hands-on experience.
- Knowledge of security protection for digital workspace, hybrid cloud and business applications such as Microsoft 365, Azure, AWS etc.
- Knowledge of security and monitoring products such as firewall, EDR, IDS/IPS, Sandbox, Anti-Malware, SIEM, DLP, etc.
- Familiarity with popular operating systems such as Windows, Linux, macOS, etc.
- Bachelor's degree or higher in Computer Science, Information Technology, Computer Programming, Information Security, etc. Equivalent combination of education and experience is acceptable.
- Familiarity with programming or scripting languages such as Python, PowerShell, Unix Shell, SQL etc. is a plus.
- At least three (3) years' experience in cyber security operations, digital forensics and incident response and/or cyber security engineering.

