Want to get a job fast?
Signup and complete your profile on MyJobMag. Employers will find you 4x faster with a complete profile. You can download your completed profile anytime Signup Now
First Bank of Nigeria Limited (FirstBank) is Nigeria’s largest financial services institution by total assets and gross earnings. With more than 10 million customer accounts, FirstBank has over 750 branches providing a comprehensive range of retail and corporate financial services. The Bank has international presence through its subsidiaries, FBN Bank ...
Read more about this company
To identify security loopholes and vulnerabilities within the banks information systems
Duties & Responsibilities
Conduct regular reviews of Banks network using manual/automated means to ensure that configurations meet best security practices
Carry out periodic vulnerability assessments and penetration testing on Applications and Networks
Drive situational awareness to all staff and other stakeholders based on risk identification
Conduct payment card data discovery scans to ensure security of Card Holder data
Conduct internal and external Penetration tests on the Bank’s information systems and make recommendations to critical findings
Provide in-house information security consulting expertise to the Bank
Assist in all security operations aimed at identifying cyber-attacks on the Bank
Engage with vendors and third parties on the identification and remediation of vulnerabilities
Provide periodic report on the status of vulnerabilities in the Bank
review the security of critical systems (e.g., e-mail servers, Active Directory, applications databases etc.) and changes to sensitive security controls to ensure appropriate security balance and strength across the Bank.
Provide insight on Security defense and hardening practices
Research and keep up-to-date with hacking/defense techniques, exploits and countermeasures
Analyze and evaluate vulnerabilities for exploitability and relevance.
Engage with stakeholders on timelines for closure of vulnerabilities and advise on appropriateness
Comply with the principles and policies in the information security hand book.
Minimum Education: First Degree in Computer Science / Engineering, Higher Degrees / Professional Certificates
Minimum experience – Working knowledge of PCI DSS
Working knowledge of ISO 27001
Knowledge of the Security tools such as Qualys, Burp Suite, etc
Good Knowledge of Penetration testing tools.
Good knowledge of MS Windows and Linux
Good understanding of Best Practices Security architecture.
Working knowledge of penetration testing.
Good knowledge of network protocols including UDP/TCP/IP
Professional-level knowledge of Access control lists, NAT, routing and switching
Ability to review rule sets for firewalls
Good knowledge of firewalls, IDS and IPS
Good knowledge of network/application security and encryption models.