IT Security Officer – LAM Compliance Officer

Job description
Information Technology: Systems development, business analysis, architecture, project management, data warehousing, infrastructure, maintenance and production.
Job Purpose
To provide IT security and Logical Access Management services to the Bank and in so doing ensure that all IT security and Access Management policies and controls are in place for logical access as per Group guidelines. In addition, the LAM Officer will review all user access requests in conjunction with peers in the related departments prior to the granting thereof. Furthermore, the holder will be responsible for direct follow-ups on all IT related audit issues
Key Responsibilities/Accountabilities
Manage and support Identity and Access Management operations and governance relating to system, infrastructure and application access, user identity lifecycle management and implementing controls to protect the
Group’s key information
Work on Access management (Physical and Logical) able to analyze audit logs
Perform folder and file access revalidation
Ensuring systems are operated, maintained, and disposed of in accordance with policies and practices.
Ensuring that all system users have the requisite approvals before granting access to the systems
Reporting all security-related incidents to the IT Security Manager. (ITSM)
Initiating, with the approval of the ITSM, protective or corrective measures when a security incident or vulnerability is discovered.
Facilitating user access periodic reviews.
Ensuring Configuration Management (CM) for security-related IS software, hardware, and firmware is maintained and documented.
Ensuring that system recovery processes are monitored to ensure that security features and procedures are properly restored.
Formally notifying the ISSM and Authorizing Official when changes occur that might affect accreditation.
Ensuring that system security requirements are addressed during all phases of the system life cycle.
Following procedures developed by the ISSM, authorizing software, hardware, and firmware use before implementation on the system.
Endpoint Security
Oversee the implementation, administration, and operation of multiple endpoint security technologies such as but not limited to Safend, Bitlocker, McAfee ePO
Produce and track metrics for the effectiveness and maturity of endpoint security technologies and processes
Work with business units to develop goals for measurement improvement
Oversee development and operation of endpoint information security executive dashboards
Manage relations with endpoint security vendors
Provide support for multiple endpoint information security products
Oversee configuration and administration of security tools
Maintain current understanding of industry trends and threats
Interact with IT Security products and support services and project management office to strategize on new project implementation
Maintain SLA and OLA agreements for endpoint security management
Report non-compliance & deviations to appropriate stakeholders.
Provide support to the Computer Incident Response Team
Monitor and report on risks and vulnerabilities with suggested recommendations
Summary
Endpoint security and controls – Safend, device control
Patching
Antivirus
DLP
Access control
Recertification
Preferred Qualification And Experience
Bachelor’s Degree in Computer Science or related technical discipline
Must have a current security certifications: CXISSP, CISM, Security+ GIAC, CEH etc.
Minimum of three (3) years Logical/ identity and access management experience.
Ability to demonstrate strong knowledge of computer security concepts.
Demonstrated ability to document processes and procedures.
Knowledge/Technical Skills/Expertise
Experience in business application, maintenance and/or Information Security and/or System access management
Logical Access Management experience across locations, application and / or database systems with associated 1st level control and re-certification.
Excellent technical knowledge and experience of Logical Access and Identity Management processes
Experience of Sailpoint would be beneficial.
Security domain experience in applications, security, infrastructure and integration.
Experience within the financial services sector is highly desirable
Solid AD administration experience
Centrify, Vault and BYOD administration and provisioning experience
ITIL knowledge preferred but not essential
Excellent communication skills in writing and oral in English
Reliable, responsible personality, able to work under pressure with greatest accuracy, able to exercise, troubleshoot, analyse and have independent judgment on a daily basis.
go to method of application »

Use the link(s) below to apply on company website.  

Apply via :


Comments

Leave a Reply

Your email address will not be published. Required fields are marked *