Team Lead, Vulnerability Management at First Bank

Job Identification: 328
Location: Lagos

Job Description

• Manage vulnerability scanning of applications and information systems
• Manage payment card data discovery scans to ensure security of Card Holder data
• Conduct internal and external Penetration tests on the Bank’s information systems and make recommendations to critical findings
• Provide in-house information security consulting expertise to the Bank
• Manage continuous reviewing of technology (e.g. network, systems, etc.) security to ensure compliance and optimal performance
• Identify solutions for security compliance, as well as determine and coordinate improvements
• Manage the review of defined levels of tolerance and risk exposure with a focus on mitigating them
• Manage and control established security protocols in the event of any failure or incident in the Organization
• Lead technology risk management processes to identify, analyze, qualify, quantify, treat, accept, communicate and monitor risks related to information technology.
• Provide guidance and support during changes to existing systems and implementation of new systems
• Drive situational awareness to all staff and other stakeholders based on risk identification
• Assist in all security operations aimed at identifying cyber-attacks on the Bank
• Assist with development and implementation of enterprise security strategy and security
• Assist with review of defined levels of tolerance and risk exposure with a focus on mitigating them
• Promote a culture of adherence to security policies and practices.

Requirements
Education

• Minimum Education: First Degree in computer Science / Engineering, Higher Degrees / Professional Certificates.

Experience:

• Minimum experience - Working knowledge of PCI DSS
• Working knowledge of ISO 27001
• Knowledge of the Security tools such as Qualys, Burp Suite, Pix Alert
• Good understanding of Best Practices Security architecture.
• Good knowledge of network protocols including UDP/TCP/IP
• Professional level knowledge of Access control lists, NAT, routing and switching
• Ability to review rule sets for firewalls
• Good knowledge of firewalls, IDS and IPS
• Good knowledge of network security and encryption models