Cyber Security Engineer at FBN Capital Asset Management

Department: Risk Management & Control

Job Objective

• The successful candidate will join the Information Security team in providing expertise to support the planning, implementation, management, monitoring and upgrading of security measures for the protection of the company’s data, systems and networks.
• The candidate will support the team in maintaining the company’s Information Security and Business Continuity Management Systems, and adoption of related regulations and frameworks.

Duties and Responsibilities

• Actively participate/collaborate in solutions and systems design/redesign to address cybersecurity risks and threats, and ensure compliance to security policy, procedures, standards and baseline security configurations.
• Understand the network and security topology of the company.
• Support implementation /administration of network security hardware and software.
• Support administration/management/maintenance of the next generation firewalls (NGFW), intrusion detection/prevention systems (IDS/IPS), identity security engine (ISE), network access control (NAC), and the perimeter security system devices.
• Support maintenance/configuration branch security solutions e.g. IPSEC, Site-to-Site VPN, etc.
• Support security risk assessment of network and infrastructure; including vulnerability analysis, threat intelligence and remediation planning.
• Monitor the enterprise network for security threats and unauthorized user access.
• Monitor all the network security zones for uptime.
• Troubleshooting security and network problems.
• Build security components test and laboratory environment.
• Participate in incident response and triage. Prompt assessment of security incidents and communication of course of action.
• Maintain firewalls, storage, web protocols, endpoint, virtualization and email security.
• Develop/optimize processes to improve security threat identification, remediation and intelligence
• Assist in Disaster Recovery exercises to ensure no breaches during recovery.
• Prepare monthly security status reports regarding threats and breaches.
• Circulate quarterly security awareness to business and educate users on computer security.
• Ensure implemented projects meet best practice security guidelines.
• Support other security solutions e.g. single sign-on, two-factor authentication.
• Conduct compliance hardening assessments of applications, servers, systems, and network devices.
• Support/follow through on Security Vulnerability assessment and Penetration testing recommendations.
• Testing and identifying network/system vulnerabilities, ensuring that noted vulnerabilities are addressed.
• Conduct periodic internal vulnerability assessment testing.
• Keep up to date with evolving information/cyber security threats, methods and developments.
• Carry out other tasks as assigned by the CISO.

Requirements
Education / Professional Qualification:

• Bachelor’s Degree in Computer Science, Management Information Systems or related STEM discipline (Second Class Upper division)
• Certified Information Systems Security Professional (CISSP)
• Certified Ethical Hacker (CEH).
• Cisco Certified Network Associate (CCNA).
• Cisco Certified Security Professional (CCSP)
• Other Information security certifications.

Experience:

• Minimum of 5 years cognate experience in financial services/service-oriented industry administering information and cyber security (including systems and network security, Identity and Access Management, Security Incident Response, Threat and vulnerability Management, End-point Security, Storage and Virtualization Security).
• Security administration – Firewalls, switches, routers, SIEM, Anti-Malware, Active Directory, IDS/IPS, NAC, Privileged Access Management, HIPS, cryptography, log collection and correlation, and DLP solution.

Key Competency Requirements:

• Knowledge of security best practice guidelines (ISO 27001, etc), information security principles and cyber security operations
• Security incident and threat management
• Advanced firewall configuration experience.
• Security devices configurations, i.e. Cisco Identity Security Engine
• TCP/IP networking, including IP address schemes
• Network security analysis tools
• LAN & WAN technologies.
• Understand Cisco IOS configurations
• IAM and Solutions.
• Hands on experience with security devices i.e. firewalls, IDSIPS appliances & software, ISE, Office 365 Security and Endpoint Security
• Ability to execute and support security tools such as DLP, Encryption and SIEM.