Overview

IT Security Analyst

JOB PURPOSE
Provide continuous independent assurance on the bank’s Information Security as regards confidentiality, integrity and availability of the IT infrastructure, processing systems and related resources in line with the Bank Information Security Policy.

KEY RESPONSIBILTIES

Provide tactical security expertise across various security domains as assigned from time to time.
Provide technical security related support to ICT projects from inception through to successful implementation.
Support the implementation of procedural, operational and technical security controls across the bank’s ICT systems.
Install, configure and upgrade security systems / solutions while maintaining requisite levels of security.
Safeguard the bank’s information assets by identifying and solving potential and actual security threats.
Identify and provide solutions for information security related problems & anomalies and report violations of security policies.
Conduct continuous research and provide technical security expertise on threats affecting KCB Group information assets.
Monitor the bank’s ICT systems for indicators of compromise, investigate incidents and take appropriate steps to contain, neutralize and prevent breaches from happening in the future.
Participate in activities aimed at mitigating information and cyber risks identified by various assurance teams such as Information Risk and Audit

MAIN ACTIVITIES

MonitoringEnsure the confidentiality, integrity and availability of the data residing on or transmitted to/from/through enterprise workstations, servers and other systems and in databases and other data repositories.
Ensure all systems interfaces are secured from any intrusion and all users’ activities are logged and users’ activities in systems are detailed and traceable.
AnalysisPeriodically perform vulnerability assessments & penetration tests on Bank systems and technology, identifying vulnerabilities and recommendations on closure of these vulnerabilities.
Analysis of data from user and network monitoring to ascertain legitimacy of high priority activities noted.
ReportingActively review application, server, database, network logs and audit trails and report
Provide and analyze departmental self-assessment reports on all systems controls to assist in focused controls
Pro-actively and comprehensively provide guidance on tools required to effectively manage and control bank systems environment.
Be involved in providing forensic data to all reviewers i.e. investigators, analysts etc.
Governance and ReviewReview all issues logged by users and analyze trends as relates to systems security management
Initiate, facilitate and promote activities within the bank to create information security awareness to various groups of bank staff and stakeholders.
Be involved and provide security guidance during technology projects, systems deployment, upgrades and changes.
Continuous review of systems at all levels i.e. servers, applications, database, network devices etc., identify risks and make recommendations on closure of the risks.
ImplementationManage all external parties’ access to bank infrastructure and systems and have detective measures for intrusion.
Ensure that the bank infrastructure network LAN / WAN is secure from any intrusion.
Establish and maintain the Bank’s Business Continuity Plan and Disaster Recovery Plan.
Spearhead a compliance program to achieve legal obligations and business goals by prioritizing initiatives and assessing the evaluation, deployment, and management of current and future technologies.
Establish and implement the Bank’s security documents (policies, standards, baselines, guidelines and procedures).
Enforce patches, version management and virus control.
Pro-actively enforce and plan to ensure all noted risks are mitigated and potential threats addressed immediately.

DECISION MAKING AUTHORITY

Operational – Solution Design dependent on CRs/BRDs assigned
Strategic – Solution structuring to ensure ease of implementing future enhancements

ACADEMIC BACKGROUND

University degree in Computer Science, Information Technology/Systems or IT related field

WORK EXPERIENCE

Should have development experience in Temenos (T24) / other banking packages.
At least 2 years’ experience in System/Data/Network Administration.
Experience in Project Implementation and user training is desired.
MODE OF APPLICATION

Click “APPLY FOR JOB” button above to apply for this job.

About Sidian Bank

At Sidian Bank, we recognize the significant accountability and inherent risks that an entrepreneur takes to make his ideas and dreams a reality.

It is for this reason that our mission is to empower entrepreneurs to create wealth through provision of transformational financial solutions that meet entrepreneurs needs and facilitate growth through convenience and choice.