Information Security Engineer

Job Description

REF: ISE/7/9/2018
Job Summary:
The Job holder will be part of the bank’s management team and will be responsible for  safeguarding the Bank’s computer networks and systems. The role will plan and carry out security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks.
Key responsibilities:
The Incumbent will report to the Senior Manager – Information Security and will be responsible for:

Implementing the Information Security Plans and Policies
Implementing security standards and best practices for the organization, and recommending security enhancements to management as needed.
Developing strategies to respond to and recover from security breaches.
Reviewing firewalls and data encryption programs, to protect organizations’ sensitive information.
Assisting computer users with installation or processing of new security products and procedures.
Conducting periodic scans of networks to determine existence of any vulnerabilities.
Conducting penetration testing, to simulate cyber-attacks on systems to highlight any weaknesses that might be exploited by a malicious party.
Forming part of the incident response team that investigates security breaches
Designing secure networks, systems and application architectures

Qualifications and competencies

Bachelor’s degree in Computer Science, Information Technology or an Equivalent from a recognized institution.
A security certification including but not limited to CEH, CISA, CISM, CCNA Security, etc.
At least 4 years relevant experience.
Significant practical knowledge in the following areas:

Unix, Linux, Windows, operating systems
Well-known networking protocols and services (FTP, HTTP, SSH, SMB, LDAP, etc.)
Exploits, vulnerabilities, networks and network attacks
Packet analysis and Regular expressions
Database structures and queries

Direct experience with anti-virus software, intrusion detection, firewalls and content filtering
Knowledge of risk assessment tools, technologies and methods
Knowledge of disaster recovery, computer forensic tools, technologies and methods
Experience in planning, researching and developing security policies, standards and procedures
Professional experience in a system security administration role supporting multiple platforms and applications
Ability to communicate network security issues to peers and management
Ability to read and use the results of mobile code, malicious code, and anti-virus software
Strong understanding of endpoint security solutions to include File Integrity Monitoring and Data Loss Prevention.
Understanding of common network services (web, mail, FTP, etc.), network vulnerabilities, and network attack patterns
Excellent communication and interpersonal skills; ability to communicate: write clearly and speak authoritatively to both business and tech audiences
Demonstrated critical thinking, analytical and problem solving skills to diagnose and troubleshoot technical issues
Strong planning and organization skills;
Keeping abreast with latest technology and ability to learn new technologies and concepts quickly
Ability to operate within 24 Hour shifts as and when required