Manager, Security Engineering, Cyber Security Department

ROLE PURPOSEPlan, design, implement, administer and support key security technologies and solution across the Bank to ensure that technology controls are effective to safeguard the Bank’s critical information assets against cybersecurity threats.PRINCIPAL ACCOUNTABILITIESResponsible for effective operations, maintenance, support, monitoring, and updates of the key security technologies i.e. privileged user access management, malware protection, compliance automation etc. This includes anticipating growth to ensure scalability, assessing the value of enhancement emanating from benchmarks, observations or other industry best practices and incorporate the changes, if required.Plan and manage key security technologies enhancement and expansion program throughout Bank’s IT environment to ensure adequacy of security protection to mitigate cybersecurity threats.Coordinate with security administrators to manage and administer the updating of rules and signatures (e.g., intrusion detection/protection systems, antivirus, and content blacklists) for specialized cyber defense applications.Build and maintain strategic relationship/networking and collaborations with external IT security experts and other IT organisations in order to benchmark and improve the Bank’s IT security infrastructure service delivery to the stakeholders.Provide security technology advisory services and low-level design proposals to ensure solution meets the Bank’s business departments’ security requirements.Provide IT Threat Model for newly developed / implemented key solutions to ensure that any potential IT threats are designed, tracked, alerted and monitored by the Security Operations Centre.Manage the lifecycle of related key security solutions technology refresh with minimal impact to business operations and in compliance with the technology architecture design, standards and principles.QUALIFICATIONSAcademic Qualifications: Degree in Computer Science / Information Technology or its equivalent. Any related Cyber Security certifications like CISSP, CISM, CRISC, CISA, SSCP, GIAC, CCNA, TOGAF,CEH, CHFI and others, is an added advantage.Technical knowledge in Authentication, Encryption, Data Loss Prevention, Identity Access Management, Malware Protection, and SANS/NIST/COBIT/ISO/OWASP Security Controls.Experience: At least 6 years working experience with strong knowledge in cybersecurity technology, implementation and maintenance.ONLY SHORTLISTED CANDIDATES WILL BE NOTIFIED