Workatele

Manager Information Security Operations at Housing Finance Bank, Kampala, Uganda

Housing Finance Bank

Full time Job

Date Posted: January 27, 2025

Application deadline:

Expired on: January 30, 2025 5:00pm

Job description

The role is responsible for overseeing the bank’s cybersecurity defence operations. This role ensures
that the SOC team effectively monitors, detects, analyses, and responds to cybersecurity incidents
and threats to protect the bank’s information systems and assets.
The role holder plays a pivotal role in protecting the bank’s assets, ensuring robust cybersecurity
defences and maintaining stakeholder trust.
Key Result Areas:
1. Responsible for providing technical guidance for the development and configuration of the Bank’s
IT Network and security infrastructure to ensure that the entire IT network and related services
operate securely in line with best practices in information security management.
2. Responsible for routine monitoring of the IT network to ensure security and compliance with set
security and other IT operating standards and procedures.
3. Review database management system logs and report on any deviations (Oracle, SQL Server,
Postgres and MySQL); review UNIX and Windows server configurations, logs and updates; report
any deviations from policies and procedures.
4. Review activities of privileged access on all server operating systems, databases and conduct user
access reviews for domain, DBs, applications and devices in collaboration with IT service and
Infrastructure Manager.
5. Perform security reviews of Endpoint devices and report any deviations from Policies.
6. Review data centre and Disaster Recovery site environmental conditions and report any deviations
from known standards and technology policy.
7. Lead and manage the security operations team, including analysts, incident responders, and
engineers.
8. Develop a continuous learning environment to keep the team updated on emerging threats and
technologies.
9. Ensure 24/7 coverage by managing shifts and on-call schedules, and oversee continuous monitoring of
logs, network traffic, and system activities using SIEM (Security Information and Event Management)
tools. Ensure alerts are triaged and investigated promptly.

10. Guide the team in identifying and analyzing unknown threats or vulnerabilities within the
environment. Develop and implement proactive threat-hunting methodologies.
11. Lead the response to high-severity security incidents, ensuring rapid containment, eradication,
and recovery.
12. Develop and execute playbooks for various incident types (e.g., phishing, malware, ransomware).
13. Supervise forensic investigations to determine root causes and impacts of incidents. Ensure detailed
documentation of incident findings for internal review and reporting.
14. Liaise with other departments (e.g., IT, legal, compliance) to coordinate responses to significant
incidents.
15. Oversee the deployment, maintenance, and optimization of SOC tools, such as SIEM, endpoint
detection and response (EDR), intrusion detection/prevention systems (IDS/IPS), and threat
intelligence platforms.
16. Assess new security technologies and tools to improve Security Operations team capabilities.
Recommend investments in tools that align with the bank’s security strategy. Ensure seamless
integration of tools into operational workflows.
17. Integrate threat intelligence feeds into Security Operations processes to enrich incident analysis
and collaborate with external threat intelligence providers, industry peers, and regulatory bodies.
18. Develop and maintain playbooks, procedures, and runbooks for SOC operations. Ensure
consistency and compliance with organizational security policies.
19. Monitor adherence to regulatory and compliance frameworks, such as PCI DSS, GDPR, and local
banking regulations.
20. Track and report key metrics such as Mean Time to Detect (MTTD), Mean Time to Respond
(MTTR), and incident trends.
21. Provide regular reports to senior management on the SOC’s performance and the bank’s threat
landscape.
22. Conduct detailed reviews of incidents to identify lessons learned and update response strategies.
23. Work closely with IT, risk management, and other departments to align Security operations with
organizational goals.
24. Maintain relationships with regulators, auditors, law enforcement, and industry partners for threat
intelligence sharing and incident response coordination.
25. Oversee SOC operations provided by managed security service providers (MSSPs) if applicable.
Financial Responsibility:
Plan and manage the SOC budget for personnel, tools, and training.
Ensure proper allocation of resources to meet operational and strategic objectives.
Oversee contracts and relationships with third-party security vendors and service providers.
Person Specification
Education & Training:
1. Bachelor’s Degree in ICT or Computer related studies e.g. Computer Science, Computer
Engineering, IT, business computing or other related studies e.g. Electrical, Data Communication
and Networks
2. Post graduate qualifications and/or certification in IT security management e.g. CCNA, CEH
version 9, CISM (Certified Information Security Manager), CISSP, CISA, NSE1 or Certified Network
Security Professional (CCNSP) / CCNP.
3. Post graduate qualifications in Project Management are an added advantage.
4. 6 years of progressive experience in systems security and network administration.
5. At least 4 years’ experience in a supervisory role in the cybersecurity department of a financial
institution or telecom.
6. Technical skills in Router, Firewall configuration and administration, Proxy system configuration
and management, Load balancer and UNIX/Linux systems security administration
7. Experience in endpoint security administration using any security tools such as Kaspersky Security
Centre, Microsoft endpoint protection, etc.
8. Experience in implementation and management of SIEM, EDR, EPP, PAM, NAC and patch
management systems.

Skills & Experience:
1. Strong understanding of cybersecurity technologies, attack vectors, and defensive strategies.
2. Ability to manage and inspire a team of cybersecurity professionals.
3. Excellent communication skills to convey technical information to both technical and non-technical
stakeholders.
4. Expertise in identifying, analyzing, and mitigating security threats.
5. Familiarity with banking regulations and compliance standards.
Business Behaviours:
1. A high level of integrity.
2. Ability to work under minimum supervision.
3. Teamwork and ability to work well with various teams in the Bank.
4. Respectful and cordial, to foster good working relationships with the service providers and
customers.
5. Strong communication and interpersonal skills.
6. Have excellent coordination and organizational skills.
