Reports To: Manager, Information Security
Department: Risk & Compliance
Location: Head office
Job Purpose: To be part of a team conducting 24/7 security monitoring of the Bank’s network and systems, responding to alerts, conducting security assessments and providing security reports.
Key Responsibilities
- Be part of a team conducting 24/7 monitoring and analysis of security alerts and incidents generated by various security tools and technologies
- Conduct in-depth analysis of security events and incidents to identify root causes, indicators of compromise (IOCs), and attack vectors.
- Monitoring current and emerging cyber risks and escalating the IOCs pre-emptively.
- Configure and fine-tune security monitoring systems to make sure the Bank is sufficiently protected.
- Stay current with emerging threats, vulnerabilities, and security technologies through continuous learning and professional development.
- Overseeing and implementing the Bank’s cyber security program and enforcing the cyber security policy/framework.
- Ensuring the bank maintains a current enterprise-wide knowledge base of its users, devices, applications and their relationships.
- Ensuring that information systems meet the needs of the bank, comply with the overall business strategies, ERM framework, risk appetite and ICT policies.
- Organizing cyber related training and awareness to improve security proficiency of staff.
- Conducting regular and comprehensive cyber risk assessments that consider people (i.e. employees, customers, outsourcing and other external parties), processes, data, and technology across all its business lines and locations.
- Collaborate with other teams to address security vulnerabilities and improve overall security posture.
- Regularly review the Bank’s devices to ensure they are up to date with the latest patches, antivirus and conform to the Bank’s standards.
- Continuously assist in the IT disaster recovery and Business Continuity Management Planning.
- Develop and maintain Policies and Procedures to streamline monitoring and incident response processes to improve efficiency.
- Continuously improve the Bank’s detection tools and capabilities to keep pace with emerging threats
- Prepare reports for various stakeholders
- Any other official duties that may be allocated from time to time by the line manager.
Key Relationships:
Direct Reports to this Position – None
Customers of this Position – All Departments in the Bank, external parties and regulators
Skills, Competencies & Experience required for this Role
- A BSc. Information Technology/Computer Science/Cybersecurity/Business Technology or related fields.
- 2 years' Technology experience with at least 1 year of experience in Cybersecurity.
- A professional certification in any one of the following: Certified Cybersecurity (CC) / Certified SOC Analyst (CSA) / Certified Incident Handler (E|CIH) / Certified Threat Intelligence Analyst (CTIA) / Certified Ethical Hacker (CEH) / PENTEST+ / Security+ or their equivalent is an added advantage
- Technical knowledge of database, network, and operating systems security.
- Knowledge of various security methodologies and processes, and technical security solutions (firewall and intrusion detection systems).
- Knowledge and experience using one or more tools related to: SIEM, IDS/IPS systems, Network Security, Firewalls and Endpoint Protection Tools.
- Knowledge of TCP/IP Protocols, network analysis, and network/security applications.
- Strong interpersonal and communication skills.