Duties and Responsibilities
- Actively participate/collaborate in solutions and systems design/redesign to address cybersecurity risks and threats, and ensure compliance to security policy, procedures, standards and baseline security configurations.
- Understand the network and security topology of the company.
- Support implementation /administration of network security hardware and software.
- Support administration/management/maintenance of the next generation firewalls (NGFW), intrusion detection/prevention systems (IDS/IPS), identity security engine (ISE), network access control (NAC), and the perimeter security system devices.
- Support maintenance/configuration branch security solutions e.g. IPSEC, Site-to-Site VPN, etc.
- Support security risk assessment of network and infrastructure; including vulnerability analysis, threat intelligence and remediation planning.
- Monitor the enterprise network for security threats and unauthorized user access.
- Monitor all the network security zones for uptime.
- Troubleshooting security and network problems.
- Build security components test and laboratory environment.
- Participate in incident response and triage. Prompt assessment of security incidents and communication of course of action.
- Maintain firewalls, storage, web protocols, endpoint, virtualization and email security.
- Develop/optimize processes to improve security threat identification, remediation and intelligence
- Assist in Disaster Recovery exercises to ensure no breaches during recovery.
- Prepare monthly security status reports regarding threats and breaches.
- Circulate quarterly security awareness to business and educate users on computer security.
- Ensure implemented projects meet best practice security guidelines.
- Support other security solutions e.g. single sign-on, two-factor authentication.
- Conduct compliance hardening assessments of applications, servers, systems, and network devices.
- Support/follow through on Security Vulnerability assessment and Penetration testing recommendations.
- Testing and identifying network/system vulnerabilities, ensuring that noted vulnerabilities are addressed.
- Conduct periodic internal vulnerability assessment testing.
- Keep up to date with evolving information/cyber security threats, methods and developments.
- Carry out other tasks as assigned by the CISO.
Education / Professional Qualification:
- Bachelor’s Degree in Computer Science, Management Information Systems or related STEM discipline (Second Class Upper division)
- Certified Information Systems Security Professional (CISSP)
- Certified Ethical Hacker (CEH).
- Cisco Certified Network Associate (CCNA).
- Cisco Certified Security Professional (CCSP)
- Other Information security certifications.
- Minimum of 5 years cognate experience in financial services/service-oriented industry administering information and cyber security (including systems and network security, Identity and Access Management, Security Incident Response, Threat and vulnerability Management, End-point Security, Storage and Virtualization Security).
- Security administration – Firewalls, switches, routers, SIEM, Anti-Malware, Active Directory, IDS/IPS, NAC, Privileged Access Management, HIPS, cryptography, log collection and correlation, and DLP solution.
Key Competency Requirements:
- Knowledge of security best practice guidelines (ISO 27001, etc), information security principles and cyber security operations
- Security incident and threat management
- Advanced firewall configuration experience.
- Security devices configurations, i.e. Cisco Identity Security Engine
- TCP/IP networking, including IP address schemes
- Network security analysis tools
- LAN & WAN technologies.
- Understand Cisco IOS configurations
- IAM and Solutions.
- Hands on experience with security devices i.e. firewalls, IDSIPS appliances & software, ISE, Office 365 Security and Endpoint Security
- Ability to execute and support security tools such as DLP, Encryption and SIEM.
Method of Application
Interested and qualified candidates should send their CV to: [email protected] using the Job Title as the subject of the email.