Senior Manager; Security Operations (1 Position(s))
Job Location :
Head Office, Hq
Job Purpose:
- Responsible to drive the bank’s cybersecurity monitoring and incident response initiatives to improve security monitoring capabilities.
- Strategically plan, organize, and lead security operations and offensive security initiatives, ensuring proactive detection, analysis, and response to internal and external cybersecurity threats.
Main Responsibilities:
Security Operations and Incident Response
- Oversee the implementation of security monitoring and incidents response strategy and roadmap for the bank.
- Establish real-time proactive monitoring and detection of security incidents and provide relevant notifications.
- Implement automated responses to cybersecurity incidents by integrating various security tools and developing necessary security automation.
- In collaboration with relevant stakeholders, oversee investigations of reported security incidents.
- Develop and provide actionable dashboards for visibility into security incidents.
- Provide both management and technical security monitoring statistics and reports to aid in decision-making.Red Team Operations and Security Testing
- Review and implement security testing strategy and roadmap for the bank.
- Plan, oversee, and implement all security testing engagements across the bank’s systems.
- Oversee and execute emergency security tests, including proof of concept, on discovered vulnerabilities within the bank’s environment.
- Conduct adversary simulations of malicious tactics with the intent of achieving specific objectives.
- Research, create, and maintain a repository of security testing tactics, techniques, and tools used by the bank.
- Work with system vendors and internal teams to verify the security of applications and systems implemented within the bank.Security Governance and Compliance
- Implement security governance by defining, developing, implementing, and maintaining relevant security policies, procedures, standards, and guidelines within security operations.
- Conduct research, evaluate, and make recommendations on security monitoring, incident response services, protocols, standards, and best practices.
- Ensure compliance with regulatory and industry security standards, including ISO 27001, PCI DSS / PIN, and other relevant frameworks.Leadership and Vendor Management
- Lead, mentor, and manage a team of security analysts, engineers, and penetration testers.
- Manage relationships with security vendors, ensuring the effective procurement, implementation, and maintenance of security tools and services.
Knowledge and Skills:
- Excellent knowledge of security monitoring technology landscape.
- In-depth knowledge of security of various operating system flavors such as Windows, Linux, and Unix.
- Knowledge of security applications, databases, and middleware technologies.
- Knowledge of common information Security Management Frameworks such as ISO/IEC 27001, NIST CSF, PCI etc.
- Knowledge of common information security testing frameworks and methodologies.
- In-depth knowledge of Security Incidents response process.
- Demonstrate leadership and personnel management skills.
- Good interpersonal, written, and oral communication skills in English and Swahili.
- Demonstrable honesty, integrity, and credibility; ability to engender the trust and confidence of internal constituency and external partners.
- Ability to communicate complex security concepts in an easy-to-understand business language.
Qualifications and Experience:
- Bachelor’s degree in Computer Science, Engineering or related academic field.
- Preferred professional certifications such as OSCP, CEH, CISM, CISA, CISSP or any other relevant security certifications.
- At least 5 years of relevant work experience in Cybersecurity.
- Solid hands-on experience in carrying out Penetration Testing engagements.
- Solid hands-on experience in enterprise security tools including security monitoring technologies such as SIEM and SOAR tools.
- Experience in detecting security event triage troubleshooting skills.NMB Bank Plc is an Equal Opportunity Employer. We are committed to creating a diverse environment and achieving a gender-balanced workforce.
Female candidates and people living with disabilities are strongly encouraged to apply for this position.NMB Bank Plc does not charge any fee in connection with the application or recruitment process. Should you receive a solicitation for the payment of a fee, please disregard it.Only shortlisted candidates will be contacted.
Job opening date : 28-Apr-2025
Job closing date : 12-May-2025
How to Apply:
Please follow the link provided below.
