Team Lead, Security Operations Audit at First Bank

Duties & Responsibilities

• Acts in place of the Head, Systems Audit (on issues related to Security Operations) in his/her absence
• Participates in conducting risk assessment of Strategic Business Units and Subsidiaries to identify IS related risks within business processes
• Ensures the currency of Technical Infrastructure audit procedures/checklists given the proliferation and complexity of Information and communication technologies
• Develops and communicates draft audit Terms of Reference and participates in formal audit meetings
• Supervises Security Operations audit teams in the various audit engagements to ensure the audits are performed in line with Internal Audit Methodology and relevant professional standards.
• Plans, coordinates and executes the audit of the Bank’s
• Cyber Security Programs
• Security configurations & Infrastructure and Security Operations Centre
• Security Incident and Event Management
• Security Standards and Frameworks
• Interfaces, web services and APIs
• Vulnerability Assessments, Penetration Testing and Security Operations
• Provides first level assurance review of team’s outputs and ensures knowledge sharing and on the job coaching of team members.
• Reviews Vulnerability Assessment and penetration testing of the Banks network/Application/Database infrastructure
• Carries out special investigation into Security Operations related breaches, vulnerabilities and  attacks.
• Coordinates the involvement of  Security Operations  audit teams in the performance of Standards audit
• Participates in Cybersecurity Operations projects in line with IS Audit Project participation charter.
• Co-ordinates the follow-up and timely regularization of audit exceptions and assurance of Technical Infrastructure team.
• Ensures the currency of  Security Operations audit procedures/checklists given the proliferation and complexity of Information and communication technologies
• Coordinating Operational Risk process reviews to ensure  Security Operations team’s compliance with Operational Risk Governance Framework
• Carries out ad-hoc activities as assigned by the Unit Head and/or CAE

Job Requirements
Education:

• B.Sc in Computer Sciences or related disciplines
• Professional certifications (CISA,  SCCP, CCSA, CRISC, CISSP, CEH, ISO 27032, ISO 22301 & ISO 27001, ISO 20000, COBIT 5, CCISO etc. )

Experience:

• Minimum experience - 8 years in Information Systems and 5 years in Audit/control /Information/ Cyber Security.