Information Security Officer at ABC Bank (African Banking Corporation Limited)

The Incumbent will be  responsible forall the Information Security Management within the Banking systems,Business Continuity Management,reviewing the ICT policies and creating awareness to the Business  teams.This  is  a  high  visibility  role  which  forms  a  critical  part  in  monitoring  network activities  and  reporting  on  any  security  related  anomalies.  This  role  will  also  assist  in  ICT  related security investigations.

The incumbent will perform the amongst others the below responsibilities;

• Monitor  and analysethe  Bank’s  networks  for  malicious  activity  using events  and  log managementtoolsets. This will include responding to and investigating alerts, assisting with developing  new  security  monitoring  use  cases  and  ensuring  all  investigative  activity  is properly documented in the bank’s ticketing systems and followed up with relevant support teams.
• Document  all  activities  during  an  incident  and  providing  leadership  with  status  updates during the life cycle of the incident.
• Provide  analysis  regarding  intrusion  events,  security  incidents,  and  other  threat  indications and warning information from various outside agencies.
• Investigate intrusion attempts and perform in-depth analysis of exploits as well as providing network  intrusion  detection  expertise  to  support  timely  and  effective  decision  making  of when to declare an incident.
• Analysea  variety  of  network  and  host-based  security  appliance  logs  (Firewalls,  NIDS,  HIDS, Sys  Logs,  etc.)  to  determine  the  corrective  or  mitigation  actions  and  escalation  paths  for each incident.
• Conduct  digital  forensics  and  malware  analysis  triage  and  independently  follow  procedures to contain, analyse, and eradicate malicious activity.
• Monitor open source intelligence sources for potential threats against the Bank, and ensure appropriate defensive actions are taken with respect to these. 
• Run  vulnerabilityscans against Bank’s infrastructure, interpreting them and follow up with relevant ICT support teams.
• Triage issues and escalate them to the ICT Risk team, and ensure that appropriate follow-up actions are taken by the IT security
• Perform  continuous  systems  user  reviews  with  emphasis  on  exits,  joiners  and  internal movements, and take appropriate corrective actions where there are deviations.
• Liaise with business heads to continuously confirm and update rights and privileges of users in the bank by maintaining the user matrix and ensuring integrity as per laid down procedures.
• Develop,  maintain  and  manage  a third-partysecurity  assessment  program  for  key  vendor relationship while   ensuring   contracts   with   third   parties   contain   appropriate   security language, including data privacy and protection language required.
• Manage  Incident  Response  Plan  by  planning,  developing,  maintaining  and  enforcing  the Bank Incident Response Plan in addition to managing security incidents if/when they occur.
• Keep  abreast  of  the fast-changinginformation  systems  exposures/  threats  and  ensure  that adequate  and  up  to  date  information  systems  security  measures  are  in  place  for  the maximum protection of the Bank information assets.

Minimum Qualifications, Knowledge and Experience

• University degree in Computer Science or Information Technology and any other related field.
• IT Security Certifications such as CISSP, CISM, CRISC, CISA, CEH, CCNA Security, CCNA.
• Minimum 3 years’ experience in Security/Network administration with strong technical knowledge of database, network and operating systems security.
• Knowledge of various security methodologies and processes and technical security solutions (firewall and intrusion detection systems)
• Knowledge of TCP/IP Protocols, network analysis, and network/security applications.
• Working knowledge and experience in penetration testing and vulnerability assessments.
• Knowledge of common cybersecurity threats and sources of cybersecurity information.
• Good understanding and knowledge of risk assessment, risk procedures, security assessment, vulnerability management, penetration testing