Description
- Perform technical vulnerability assessments of relevant technology focus areas (i.e., local computing environment, network and infrastructure, enclave boundary, and supporting infrastructure).
- Work closely with system owners and business process partners to ensure that identified vulnerabilities are remediated within established timelines.
- Participate in the Vulnerability Management Committee with IT.
- Validate penetration test results and engage with technology partners and business units to resolve identified vulnerabilities.
- Perform technical vulnerability assessments for business day-to-day requests to provide the InfoSec Risk Team with a full scope.
- Perform technical vulnerability assessments for off-the-shelf applications.
- Validate with service providers code review report for in-house IT assets whenever needed and send a report to IT for mitigation and follow-up until fixing.
- Prepare KRI's according to agreed SLAs with IT and present it to InfoSec Vulnerability Manager / Associate.
- Analyze vulnerabilities to network, operating systems, applications, databases, and other information system components.
- Validate firewall rules on a semi-annual basis and send reports to IT for mitigation, and follow-up until fixing.
- Review the feedback on threat intelligence and CBE vulnerability alerts.
- Ensure that internal environment (IT assets) & external published URL vulnerabilities are discovered and mitigated in cooperation with IT.
- Responsible for evaluating the performance of the subordinates and ensuring that all tasks are done in a correct & timely manner. Provide guidance whenever needed.
- Ensure adherence to policies and procedures in order to guarantee that The Bank's business is conducted in compliance with Local Laws, CBE, The bank's Rules and Regulations, as well as, International Standards.
- Ensure the correct functioning and implementation of Permanent Supervision system, compliance, money laundering, and workplace success guidelines whenever & wherever possible.
Requirements
- Bachelor's Degree in Computer Science or Electronics & Communication Engineering from a reputable university.
- Minimum 6 years of experience in the banking sector and information security field, including the following background:
- Penetration Test and Vulnerability Management.
- Security controls, security baseline, technology best practices.
- Enterprise design and architecture.
- Has an integration knowledge across different security technologies and systems.
- Security control enforcement, a measure of effectiveness, and proposing compensating controls.
- CBE Digital channels regulations. - Analytical, self-motivated, cooperative & proactive.
- Excellent interpersonal, leadership, and directing skills.
- Excellent communication & computer skills
- Strong understanding of banking operations
- Analytical mindset with ability to grasp new concepts and diverse aspects of bank and risk operations
- Excellent command of English written/spoken
| Created on | 10 Nov 2024 |
| Last updated on | 10 Nov 2024 |
| You applied on | |
Apply Now 