Senior IT Security Analyst Job at Stanbic IBTC Bank Plc

[Jobrib]

Job Title: IT Security Analyst (Senior)

Employer: Stanbic IBTC Bank Plc

Parent Company: Standard Bank Group

Sector: Banking and Finance

Job ID: 11757

Location: Lagos, Nigeria

Division: Group IT  

Position Category: Group IT Architecture

Employment Type: Full Time – Permanent

Shift: No

Regulatory Approval: Yes

Position Description:

•   To provide an operational IT Security support to ensure that the bank is not compromised in anyway.  The operation support includes anti-virus, intrusion detection, key management as well the delivery of and content scanning of all internet mail incoming and outgoing.

•   Ensuring that all incidents are responded to, actioned and resolved within the required MTTR. Also ensure that calls are escalated and communicated to the required support area and user.

•   Participates in the design and development of processes and controls to manage and monitor authorized requests for access to enterprise applications.

•   Participates in the design and development of processes to monitor and assess security compliance practices, monitors logical access and participates in internal audits to determine if security objectives, processes and controls are effectively applied, maintained and performed as expected.

•   Participates in the design of user authentication and authorization systems to manage data access privileges; data collection and management procedures and information security controls.

•   Contributes to plans for performance reports and audit processes and participates in the design of application, middleware and other security controls, administration tests, test scripts criteria and procedures.

•   Participates in security related problem identification, analysis and resolution, including procedural, operational and technical problems in a collaborative environment.

•   Recommends appropriate corrective and risk mitigation activities.

•   Identifies and sets appropriate security and parameters in configurable software to meet operations security requirements.

•   Participates in the assessment of the effectiveness of the data security processes and procedures against industry standards and guidelines.

•   Provide high level competency with regard to mainframe IT security systems

•   Conduct regular risk assessments of IT controls against desired security state

EXPERIENCE:

•   3 – 5 years

•   Strong analytical and problem solving skills

•   Checkpoint experience

•   Good network experience

•   Strong customer focus and ability to manage client expectations

•   Proven ability to work under stress in emergencies; flexibility to handle pressure coming from all directions simultaneously

•   Strong team-orientated interpersonal skills; ability to effectively interface with a wide variety of people at all levels

•   Self-motivated and able to work under little supervision.

•   Logic and problem solving skills.

•   Good communication skills.

•   Ability to interact with users at all levels.

•   Must be service orientated

KNOWLEDGE:

•   B.Sc. in any Science Courses

•   Any IT Security Certification would be an added advantage

•   Demonstrated competency in strategic thinking with strong abilities in relationship management

•   Demonstrated competency in oral and written communications

•   Demonstrated competency in developing effective solutions to diverse and complex business problems

•   Demonstrated attention to detail

•   Knowledge of the theory, principles and practices of systems architecture and applications

•   IT Security experience / Communication or Network experience will be beneficial

KEY PERFORMANCE MEASURES:

•   Number of instances of non-compliance to policy and procedure

•   Number of awareness sessions held across the bank

•   Number of security reports to senior management and the Board.

•   IT Audit rating by Internal Audit, Routine Control, and external audit

•   No service impact

•   Reduced number of incidents

•   Successful implementations of change request on the on Equinox, PayDirect , Firewalls, ISA, OWA ,MM

•   Meet deadlines

•   Meet SLA targets

•   Maintain a logically structured security database.

•   Ensure that there are no service disruptions due to access denial.

•   Ensure no service disruption due to maintenance of the security database.

•   Ensure the training of capable security administration staff.

•   Professional assistance to large projects in relation to security requirements.

•   Adequate knowledge of security principles and procedures.

IMPORTANT RELATIONSHIPS:

•   End users

•   LAN Administrators / Active Directory Team

•   Unix team

•   Firewall team

•   Software vendors

•   Auditors

•   Group IT Security

•   Infrastructure / Production / Application/ RIS Team

•   Financial Crimes and Control

•   Risk Team

•   Branch Control Team

KEY RESPONSIBILITIES:

•   Configure, install and support all security software

•   Responsible for administration of the firewall and monitoring of security tools & software with special focus on infrastructure and network security

•   Testing of security software for new technologies

•   Responsible for assessing and reviewing security methods with Oracle, SQL Server, or similar environments and also responsible for defining various database design techniques

•   Responsible for implementing security solutions, policies, and technologies relating to transactional applications

•   Provide security Incident management and reporting

•   Provide IT security training and awareness

•   Ensure Regulatory and standards compliance

•   Support of Firewall, ISA, Mail Marshal, Blackberry, OWA,E-Mail, Encryption Tools, Mail Marshal, AD, Equinox, Anti Virus

•   Responsible for providing root cause analysis and incident reporting

•   Testing of security software for new technologies

•   Generating, loading and maintaining the life cycle of all encryption keys for the Bank

•   Responding to and resolving  all Firewall, ISA, Mail Marshal, Blackberry, OWA incidents

•   Administration and monitoring of Intrusion detection & intrusion prevention tools for workstations and servers

•   Provide comprehensive administration procedures

•   Provide professional auditing and tracing capabilities.

•   Provide security monitoring and information gathering.

•   Provide 24-hour assistance to Production environment.

Problem solving, planning and decision making:

Problem solving;

•   Follow procedures with regards to online processes

•   Resolve problems related to access of resources.

•   Resolve User queries related to ACID suspensions and misuse.

Planning;

•   Ensure the correct planning is carried out before changes are implemented

•   Ensure the correct change procedures are followed

•   Create proper procedures for quality checking of large changes to Security Database.

•   Decide on correct and meaningful naming standards for User IDs and Organigram structures in the database.

Apply to this job

[Jobrib]