IT Security Officer

Overview

  • 24894
  • Information Technology and Services
  • Jul 14 2017
  • Nigeria
  • Lagos
  • Lagos Island

 

Job Details

Group Information Technology: systems development, business analysis, architecture, project management, data warehousing, infrastructure, maintenance and production

Job Purpose

  • To provide an operational IT Security support to ensure that the bank is not compromised in anyway. The operation support includes anti-virus, intrusion detection, key management as well the delivery of and content scanning of all internet mail incoming and outgoing.
  • Ensuring that all incidents are responded to, actioned and resolved within the required MTTR. Also ensure that calls are escalated and communicated to the required support area and user.

Key Responsibilities/Accountabilities

Key Responsibilities

  • Configure, install and support all security software
  • Responsible for administration of the firewall and monitoring of security tools & software with special focus on infrastructure and network security
  • Testing of security software for new technologies
  • Test and implement approval firewall rules
  • Support of Firewall, ISA, Mail Marshal, Blackberry, OWA,E-Mail, Encryption Tools, Mail Marshal, AD, Equinox, Anti Virus
  • Testing of security software for new technologies
  • Generating, loading and maintaining the life cycle of all encryption keys for the Bank
  • Responding to and resolving all Firewall, ISA, Mail Marshal, Blackberry, OWA incidents
  • Administration and monitoring of Intrusion detection & intrusion prevention tools for workstations and servers 
Engagement:
  •  Partner with relevant stakeholders to maintain and improve the security posture of Business and IT.
  •  Develop appropriate measures to understand the effectiveness of securing the bank through the availability of systems.
Service Delivery:
  • Perform monitoring via the Security Information and Event Management (SIEM) tool as well as from external sources (e.g. telephone or email).
  • Report on false positives and escalate those to the Lead Analyst for verification.
  • Undertake incident analysis, tracking, recording, and response.
  • Work with or assist other Cyber Security Incident Response Team (CSIRT) members in analysis activities.
  • Report new attack types or suspicious activity to the Lead Analyst.
  • Update the Case Management tools with evidence trails of all analysed incidents.
  • Document results of incidents.
  • Escalate and provide feedback on incidents as per Incident Handling Classification Standard and process.
  • Provide support to Lead Analyst and coordinate activities in support of Incident Containment.
  • Interact with the CSIRT team by assignment from Lead Analyst or Manager of Cyber Security Operations Centre.
Mitigation of Risk:

  • Continuously report on incidents identified via the SIEM.
  • Spot patterns across a number of systems to provide advanced warning on new threats.
  • Have an in-depth knowledge of Stanbic IBTC’s policies, procedures, or overall IT environment. Adherence to all applicable Policies and Procedures is mandatory.
Reporting:
  • Ad- hoc compilation and submission of M.I.S reports.
  • Security incidents reporting.

Preferred Qualification and Experience

  • B.Sc. in any Science Courses
  • MCSE / CISA / CISM / CISSP etc would be beneficial
  • Understanding of the CSOC and CSIRT objectives and requirements.
  • IT Security experience / Communication or Network experience will be beneficial
  • IT Security Awareness
  • Working knowledge of relevant Operating Systems.
  • Demonstrate knowledge of standards associated with the role, e.g. ISO, CobiT, ITIL.
  • Understanding of incident management and case management technologies (ticketing systems).

Knowledge/Technical Skills/Expertise

Working knowledge of the IT and IT Security field including TCP/IP, HTTP, encryption, network access controls, intrusion detection and prevention systems.

IT Security penetration testing

Comments

Popular Posts