The successful applicant will be responsible for analyzing security events, incidents, and vulnerabilities to identify potential threats and respond to them in a timely manner. He / She will work closely with other security professionals to protect the organization’s assets from cyber threats and attacks.

KEY RESPONSIBILITIES:

1. Monitor security event and incident logs and investigate potential security breaches.
2. Analyze security incidents and vulnerabilities to identify potential threats and recommend appropriate response actions.
3. Develop and maintain incident response plans, procedures, and playbooks.
4. Participate in security incident response activities, including containment, eradication, and recovery.
5. Perform security assessments and risk analyses to identify vulnerabilities and recommend security improvements.
6. Conduct security investigations and forensic analyses to determine the root cause of security incidents.
7. Update the Bank’s security systems regularly to avoid any cyber-attacks.
8. Prepare security risks and incidents reports for management, stakeholders, and customers.
9. Collaborate with other security professionals to improve the overall security posture of the Bank.
10. Stay current on emerging threats, vulnerabilities, and security technologies.
11. Implement key regulatory and compliance requirements.
12. Ensure protection of information assets and perform regular patch and access control management.
13. Review the security measures of networks, systems and applications to detect vulnerabilities.
14. Participate in development and implementation of appropriate and effective controls to mitigate identified threats and risks.
15. Ensure that disaster recovery and business continuity plans are in place and tested regularly.

QUALIFICATION AND EXPERIENCE REQUIRED:

1. Minimum of first degree in Computer Science, Cybersecurity, Information Technology or a related field.
2. At least five (5) years post qualification experience in a security operations centre or incident response role.
3. Relevant security certifications, such as GIAC, CompTIA Security+, or Certified Ethical Hacker (CEH) are a plus.
4. Experience in a financial institution will be an advantage.
5. Experience in analysing high volumes of logs and network data in support of incident investigations.
6. Membership of a recognised professional body will be an advantage.

KNOWLEDGE AND SKILLS REQUIRED:

1. Knowledge of security frameworks, such as NIST or ISO 27001.
2. Proficiency with Anti-Virus, HIPS, NAC, MFA, IDPS, Network and Database Firewalls
3. Working knowledge of security information and event management (SIEM) tools.
4. High level of integrity and result-oriented.
5. Knowledge of vulnerability scanning solutions.
6. Strong analytical and problem-solving skills.
7. Excellent communication and interpersonal skills.
8. Ability to work independently and as part of a team.
9. Must be a team player and willing to continuously develop skills.
10. Flexibility in working hours.