Job Description:

About the Job:

Responsible for providing continuous independent assurance on the bank’s Information Security as regards confidentiality, integrity and availability of the IT infrastructure, processing systems and related resources in line with the Bank Information Security Policy.

Responsibilities:

• Monitoring: Ensure the confidentiality, integrity and availability of data, ensure all systems interfaces are secured, ensure users’ activities are logged and traceable.
• Analysis: Periodically perform vulnerability assessments & penetration tests, analyze data from user and network monitoring.
• Reporting: Actively review application, server, database, network logs and audit trails and report, provide and analyze departmental self-assessment reports, provide guidance on tools required to manage systems environment, be involved in providing forensic data.
• Review Implementation: Review all issues logged by users and analyze trends, initiate/facilitate/promote information security awareness, be involved in and provide security guidance during technology projects/systems deployment/upgrades/changes, continuous review of systems at all levels and make recommendations, manage all external parties’ access, ensure network is secure, establish and maintain BCP and DRP, spearhead a compliance program, establish and implement security documents, enforce patches/version management/virus control, pro-actively enforce and plan to mitigate risks and address threats.
• Personal Leadership & Development: Manage self, communicate effectively, commit to customer service, work collaboratively, deliver results, think and solve problems, keep abreast with staff communications, responsible for own career and PDP, adherence to bank policies/procedures/code of conduct, closure of identified deficiencies, live the brand values.
• Risk & Compliance: Attend training and comply with AML/CFT/CPF laws/rules/regulations, participate in AML/CFT/CPF bank programs, comply and not knowingly participate/assist in violations, report suspected money laundering cases, avoid misrepresentation and malicious reporting, avoid tipping off, not provide advice/assistance to individuals attempting to violate laws, respond to AML/CFT/CPF queries, co-operate with regulators and law enforcement.

Requirements:

• Academic Background: University degree in Information Technology or Computer Science from a recognized university.
• Work Experience: A minimum of three (3) years’ experience in IT with at least one (1) year experience in IT Security, Awareness and exposure in IT security with experience working in financial institutions.
• Skills & Competencies: Ability to use specialized tools and softwares to analyse/detect/investigate/report on vulnerabilities/threats, knowledge and experience with several relevant IT products (SIEMs, DAMs/WAFs, Antivirus, Firewalls & Patch Management), Keen attention to detail, Ability to work under pressure.
• Professional Certification: Relevant professional certifications.