As part of the IT Security Analyst role, you shall also be responsible for making IT security architecture improvement recommendations and translating them into initiatives with the aim of enhancing and continuously improve the Bank’s IT security posture. The role mainly consists in monitoring and assessing the security controls implemented by IT Operations and in designing, building and operating the security monitoring activities within the Bank. 

Main Duties of the role:

 
  • Creation and maintenance of application event thresholds and related alerts and monitoring of security relevant events;
  • Monitor the IT security environment for vulnerabilities and security infrastructure updates, including updates for secure configurations for Hardware and Software (security hygiene);
  • Monitor the latest cyber trends
  • Maintain security baselines and hardening guidelines
  • Build a database of security sources and subscriptions to receive alerts pertinent to  critical products used by the Bank;
  • Help remediate detected vulnerabilities to maintain a high-security standard;
  • Facilitate a centralised dashboard to allow the viewing and administration / resolution of identified security events in a timely manner;
  • Review the IT security and cyber-security regulatory landscape;
  • Support to the IT Operations in IT incident triaging and response for occurrences which are related to security events;
  • Provide support to the IT Regulatory Analyst for security related attestations, IT audits, cyber-security monthly newsletter and staff security skills assessment to pre-empt Bank training requirements;
  • Assist the IT Regulatory Analyst in maintaining IT security guidelines, maintenance of the security update cycles procedure and firmware version management procedure;
  • Monitoring of the Asset Lifecycle and End-of-Life / End-of-Support Management;
  • Monitor anti-malware and vulnerability scans for vulnerability assessment and remediation;
  • Together with the IT Regulatory Analyst contribute towards the increased reach for penetration testing;
  • Website cloning monitoring activities;
  • Record keeping of events, alerts and materialised incidents.
Qualifications/Requirements:
 
  • Understanding of IT Security, Cyber Security and ideally proficiency in security control design e.g. network design, firewalls, endpoint security, etc.;
  • Two years working experience in a similar role or equivalent experience and know-how in an IT operations / support role;
  • A career within the fields of Cyber Security or Network Security would be of main interest;
  • Proof of expertise in IT or Cyber Security (or other related ICT area of specialisation);Proficient in penetration testing and vulnerability assessments;
  • Threat hunting experience is considered an asset;
  • Experience in using SIEM tools and knowledge of endpoint detection and response (EDR);
Industry qualifications, such as CCNA, CompTIA Network+, etc. are considered an asset

Desired Skills

 
  • Ability to work  in an environment which fosters self-management and independence;
  • Proactive in his/her approach and possess problem-solving skills;
  • Ability to communicate effectively and clearly, have excellent listening skills and ability to work well in a team;
  • Have attention to detail and ability to think logically, out-of-the box.
Extensive training will be provided.
An attractive remuneration package will be offered to the right candidate.
The data you submit will be processed as per the Candidates Privacy Notice.