CRDB Bank PLC – Specialist Cyber Security December 2023

CRDB Bank PLC – Benki ya CRDB | CRDB Bank PLC – Specialist Cyber Security December 2023

December 22, 2023

Banking and Finance Jobs

Tanzania Jobs » Banking and Finance Jobs » Specialist Cyber Security at CRDB Bank December, 2023

Job Reporting To Manager: Cyber Security (1 year Contract)

Location: CRDB HQ

Job Purpose

The purpose of the job is to be responsible for the protection of system boundaries, keeping computer systems and network devices hardened against attacks and securing highly sensitive data. This includes designing and managing systems security architecture and developing cybersecurity designs as per the established security requirements. Ensuring security minimum requirements and best practices are applied consistently across existing and new systems.

Responsibilities

1. Implement and enforce Cyber Security Policies to ensure alignment with related corporate policies.
2. Understand and provide expert advice on the cybersecurity risks facing information assets.
3. Responsible for the technical Cybersecurity strategy – proposing and implementing solutions and processes to continuously reduce the risks and effects of hacking and cyber-crime.
4. Forensic investigation of Cybersecurity incidents/breaches, providing regular reporting using the appropriate assurance framework.
5. Coordinate regular security testing with high-quality reporting. Responsible for the subsequent hardening of IT systems based on the results of regular tests.
6. Implement technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
7. Administer and monitor the infrastructure using specific Cybersecurity applications including [but not limited to] the company-wide antivirus, email encryption, Data Loss prevention, file screening, server audit, and host protection systems.
8. Run various assessment tools to obtain insight into the security posture and create various reports for management and stakeholders.
9. Provide remediation consultation to global teams to support enterprise risk reduction efforts.
10. Monitor all IT assets on configuration integrity to proactively manage the bank’s environment.
11. Engineer, implement and monitor security measures for the protection of computer systems, networks, and information assets.
12. Identify and define system security requirements standards of the bank.
13. Responsible for regular security testing with high-quality reporting. Responsible for the subsequent hardening of IT systems based on the results of regular tests.
14. Hardening of all IT assets before being promoted to the production environment. A formal checklist will be used for installation/changes of any configuration in the bank’s environment for a new/existing setup.
15. Enhance and maintain current hardening standards for all information assets including but not limited to servers, workstations, databases, audiovisuals, and network devices.
16. Support penetration testing activities and exercises, including self-capacity to perform penetration testing.
17. Recommend assessment-based findings, outcomes, and propositions for further system security hardening enhancement.
18. Reviewing configuration APIs and PKIs of the bank to ensure its compliance with the established standard regularly.
19. Responsible for information security awareness and training programs that inform and motivate workers on cybersecurity matters as per the SAT program.
20. Monitor internal and external policy compliance and the cybersecurity framework is being complied with by both vendors and employees.
21. Implement new technology on network security and ensure security hardening and effectiveness of the control. Implement and Ensure compliance with the Cybersecurity framework within the organization.
22. Participate in the incident response program, ensuring that the program is tested throughout the organization and that every staff knows his or her duties during such an incident.
23. Prepare and report all security incidents to Management or as directed by the line manager.
24. Real-time monitoring of network and systems user activities.
25. Work with different units in the department to reduce systems configuration risk.

Knowledge, Skills, Qualifications, and Experiences Required for The Role

• Possession of a bachelor’s degree in computer systems technology or a related academic field.
• At least 1 ICT Security professional certification, CISA, CISSP, CEH, CISM, etc.
• Knowledge of the laws as they apply to cybersecurity and recommended standards as applied by appropriate bodies.
• Software development skills.
• Penetration testing skills.
• Systems Integrations and the use of APIs.
• Projects Management.
• IT desktop applications, Computer technology.
• Operating systems (Windows, LINUX, Red hat, AIX).
• Networking and database technology.
• IT Security & Virtualization.
• Interpersonal, written, and oral communication skills.
• Knowledge of security issues and products so that complex security issues can be quickly diagnosed and resolved.
• Report writing and procedure/policy development.
• Good time management.
• Ability to organize self and others and to work on own initiative.
• Expert knowledge of current IT cybersecurity issues.
• Management of a complex IT Infrastructure within a large enterprise-level organization.
• Contingency and Disaster Recovery Planning.
• Up-to-date knowledge of technical applications.
• Ability to think ahead and anticipate problems, issues, and solutions.
• Experience providing IT-focused Enterprise Architecture and strategy.
• Windows Operating systems and Active Directory Management.
• Anti-Virus domain infrastructure.
• At least 3 years of general ICT Security experience in the banking environment.
• Experience working in a deadline-oriented incident management environment managing multiple issues simultaneously.
• Technical handling interaction with vendors, contractors, and other stakeholders.

Deadline: December 30th, 2023

CLICK HERE TO APPLY