Growth in Value Alliance (GV Alliance) Partners - Our client, a Lagos based Bank, is currently recruiting suitably qualified candidates to fill the position below:
Information Security Specialist
- The Information Security Analyst reports to the Head of Information Risk Management and is responsible for the design, implementation and maintenance of effective systems security solutions.
- She/he will also investigate and resolve identified systems security breaches, create comprehensive maintenance of information security policies, standards, guidelines and procedures and monitor for compliance in line with the organization’s IT security policy and applicable laws.
- The successful candidate in collaboration with the Information Technology Services (ITS) Systems Support team, will also monitor, assess, and fine-tune the IT business continuity and disaster recovery program, perform network penetration tests, application vulnerability assessment scans and risk audit reviews.
- This is a senior opening which provides an opportunity to work with a team of talented technical skills in transforming a leading Emerging Markets Operations in the Financial Services sector, positioning it for growth and leadership within its region, by actively working to achieve the enterprise security goals of the establishment..
Duties and Responsibilities
- Monitor and advice on information security issues related to the systems and workflow to ensure the internal security controls are appropriate and operating as intended.
- Coordinate response to information security incidents.
- Conduct data classification assessment and security audits and manage remediation plans.
- Collaborate with IT management, the legal department, and other stakeholders to manage security vulnerabilities.
- Perform the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.
- Create, manage and maintain user security awareness.
- Conduct security research in keeping abreast of latest security issues.
- Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
- Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
- Prepare IT security documentation, including information security policies, procedures, standards and guidelines based on compliance requirements and knowledge of best practices.
Knowledge and Skill Requirements
- Extensive experience in enterprise security architecture design and enterprise security document creation.
- Solid knowledge of information security principles and practices.
- Working experience with intrusion detection systems
- Installation, configuration, monitoring and response to security system
- Understanding of advanced security protocols and standards
- Experience with IP networking, networking protocols, IPSec, VPN's, firewalls, proxy services, DNS, email, access lists.
- Experience with internet, web, application and network security techniques.
- Proven analytical and problem-solving abilities.
- Ability to effectively prioritize and execute tasks in a high-pressure environment.
- Good written, oral, and interpersonal communication skills.
- Ability to conduct research into IT security issues and products as required.
- Ability to present ideas in business-friendly and user-friendly language.
- Experience in designing and delivering employee security awareness training.
- Highly self-motivated and directed.
- Keen attention to detail.
- Team-oriented and skilled in working within a collaborative environment.
- Experience with software and security architectures
- Proactively assesses potential items of risk and opportunities of vulnerability in the network
- Experience with security practices of Intranet and Extranet
- Support day-to-day administration of various firewalls
Strategy & Planning:
- Lead the planning and design activities for the enterprise security architecture, under the directives of the Head, Information Risk Management.
- Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures) in collaboration with other team heads in the Information Risk Management unit.
- Provide leadership and work guidance to members of the Information Security team.
- The post holder will be expected to work actively to achieve enterprise security goals within a set of resource constraints.
S/he will need to:
- Have the ability to think logically and analyse complex situations for effective, sometimes out of the box solutions.
- Work with all stakeholders to develop strategic solution options and delivery plans
Communicating With Others:
- The Information Security analyst will be expected to have excellent communication skills and experience in working with sponsors and other members of the business.
The following points illustrate this:
- Communication and visibility of all critical issues and their status and service restore plans
- Define team member roles and expectations, and ensure timely feedback
- Communicate the technology vision and service improvement plans to internal and external stakeholders
- The operational scope of the post holder is underscored by the following functions:
- Identify security risks, threats and vulnerabilities of networks, systems, applications and new technology initiatives.
- Provide technical support in the development, testing and operation of firewalls, intrusion- detection systems, enterprise anti-virus and other automation as required.
- Ensure the confidentiality, integrity and availability of the data residing on or transmitted through the organization’s workstations, servers , systems through databases and other data repositories.
- Ensure active compliance with information security requirements.
- Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, (i.e., security tool, workstations, servers, network devices, etc.).
- Maintain operational configurations of all in-place security solutions as per the established baselines.
- Review logs and reports of all systems and devices
- Participate in the design and execution of vulnerability assessments, penetration tests and security audits.
- Provide on-call support for end users for all in-place security solutions.
- A Bachelor’s degree in Science, Electronic Engineering or any related discipline. (B.Sc degree in Computer Science, Engineering discipline, Mathematics or Physics will be a distinct advantage)
- A minimum of 6 years post NYSC experience in IT/Network Security.
Method of Application
Applicants should send their updated CV's in MS Word format and Cover Letter to: firstname.lastname@example.org and reference email@example.com with the job title as the subject of email.
Note: Only qualified candidates would be contacted.