Senior Security Specialist

Role Objective

The incumbent will work closely with the Infrastructure and Security Manager in effective implementation of security controls, security standards, security solutions, including the ongoing assessment and tracking of adherence to required security guidelines across the enterprise computing environment, operate security tools, monitor threats and security issues. The Job holder will support in managing projects, organizing resources, and carrying out risk assessment, ensuring that the project deliverables and quality standards are met, as per the established SLAs.

Detailed Roles and Responsibilities:

• Meet with various stakeholders in order to ascertain the overall objectives of the project, and employ the services of business analysts, in business analysis / system reviews for departments.
• Recommend and coordinate the application of fixes, patches, disaster recovery procedures in the event of a security breach
• Research emerging technologies in support of security enhancement and development efforts.
• Coordinate with Security assessment vendors and Operational Risk teams to assess the organization’s security measures, to identify any weak points that might make information systems vulnerable to attack.
• Carry out simulated attacks to test the efficiency of security measures with the coordination of internal /external resources.
• Prioritize security coverage to ensure that strategically important data and mission critical systems receives the highest levels of protection.
• Handle incident responses in a prompt manner, by determining and mitigating the cause in close coordination with the relevant stakeholders, help in analyzing reports SOC reports to identify trends that might indicate a future risk.
• Management of Security Services and devices i.e. Secure Gateways, WAF, VAPT and related Security services.
• Provide the needed support for security compliance frameworks including central banks, PCI, SWIFT CSP, etc.
• Participate of IT Security policies and procedures. In addition to Information security procedures related to IT in coordination with CISO.
• Research emerging technologies in support of security enhancement and development efforts.
• Ensure that the projects are managed in accordance with the project management methodology including document templates, identifying project phases, reporting and planning information for successful project delivery.
• Implement technical solutions to contractual requirements supporting ISO 27001/PCI DSS and any other applicable standards.

Education, Experience and Skills Required:

• Bachelor’s degree or in Computer Science, Information Systems, or any other related discipline from a recognized university
• 06-10 years of total experience in financial services/banking industry, entailing responsibilities pertaining to the specific area of discipline.
• Significant experience in IT Infrastructure security.
• Adept in IT Security pertaining to databases, networks, application servers, web servers, operating systems, firewalls, IPS / IDS, log co-relation tools.

Certifications:

• Professional certification such as CCNA security, CCNP, CEH, CCSP, security+, CISSP, CISA or other relevant certification is preferable