Summary

This role provides support in continuous security review of the bank systems and in recommending mitigation measures against risks and vulnerabilities identified with a view to improving confidentiality, integrity, and availability of bank information and information processing systems.

Responsibilities

• To perform regular vulnerability assessments & penetration testing of systems, mobile applications and other IT assets across the Group, communicating and liaising with IT stakeholders on the closure of the identified issues, in a prioritized manner
• To ensure that malware management practices and procedures are in place and executed efficiently. This includes ensuring all endpoints and servers have anti-malware protection, regular review, and remediation of malware threats detected and reporting on trends and statistics.
• To develop and implement an effective information security awareness program covering all staff and stakeholders of the Bank.
• To perform continuous security reviews on technology assets (database, network, applications, servers) against the Bank security standards
• To ensure that policies and procedures on patch, vulnerability, and malware management are in place and reviewed regularly.

Education and Qualifications

• Undergraduate degree in Computer Science /Information Technology - Minimum 3.5 GPA

Requirements

• Minimum 3-5 years of working experience, with at least 3 years’ experience in a busy IT security environment.
• Certification in a systems audit or security-related areas, such as CEH, CISA, CISM or CISSP
• Experience in working with various vulnerability assessment & penetration testing tools.
• Experience in working in the IS function within a banking environment will be an advantage.

Characteristics

• Technical skills to effectively perform IT security management activities/tasks in a manner that consistently achieves established quality standards or benchmarks.
• Knowledge of information security domains
• Knowledge in penetration testing skills
• Knowledge and application of modern IT security management practices in the financial services industry to proactively define and implement security quality improvements in line with technological and product changes.
• Performance management to optimize personal productivity.
• Interpersonal skills to effectively communicate with and manage expectations of all team members and other stakeholders who impact performance.
• Self-empowerment to enable the development of open communication, teamwork, and trust that are needed to support true performance and customer-service oriented culture.
• Demonstrable integrity and ethical practices