Responsible for all activities that occur within the SOC which will include threat management overview for intrusion detection systems, firewalls, enterprise anti-malware, log monitoring tools, and other security data sources. Handle incident and be part of the incident handling team to monitor and manage all IT security incidents.

Main Accountabilities

• Monitor, analyse, maintain, and protect the Banks’s networks, systems and assets for malicious activity typically using technologies such as Security Incident and Event Management (SIEM) FWs, IDS, IPS, AV, EDR and other security data sources.
• Respond rapidly and effectively to IT security incidents, managing them in a professional manner, including performing level 1 forensics for evidence gathering and preservation.
• Coordinate tasks as directed by the supervisor to assist in the improvement of the security of the Bank’s Infrastructure.
• Keep up to date with security trends, threats, and control measures.
• Carryout threat hunting and malware analysis activities to identify and stop malicious activities.
• Create new alert rules and logic to detect events of interest.
• Assist in the design, documentation, and execution of security awareness programs.
• Participate and risk-based analysis of security controls and requirements.
• Provide technical assistance to other IT functions with regards to security objectives and requirements.
• Monitor external threat environment for emerging threats and advise relevant stakeholders on appropriate courses of action.
• Perform configuration and administration of IT security systems and tools.
• Create operational procedures related to threat detection, analysis, containment, eradication, and recovery.
• Provide input into the preparation of various management reports for management information and decision making.

Qualifications and Experience

• Grade 12 School Certificate with five (5) ‘O’ Levels (credit or better).
• BSc /BEng in Computer Science or Computer Engineering; or equivalent.
• 3 years’ relevant experience

Key Knowledge and Attributes

• In-depth knowledge of IT security.
• Sound business ethics to deal with data privacy, computer security, environmental concerns etc.
• Professional qualification in IT Security such as CISSP, CISM, C|EH, OSCP, ECIH, GCIH, C|TIA, C|SA, CCNA/CCNP CYBEROPS.
• Knowledge of security frameworks and standards namely:

             a) Mitre Att&ck Framework
b) Cyber Kill Chain Methodology
c) ISO 27001/2 IT Security standard
d) NIST Cybersecurity Framework.

• Knowledge in IT Governance frameworks such as COBIT 2019 and ITIL.