Senior Engineer - IT Security and Compliance

Key ResponsibilitiesEnsure compliance with CBSL Direction No. 16 on Cybersecurity, including regular assessment, reporting, and technical control implementation related to endpoint security.Ensure timely patch deployment across all End-User Computing (EUC) devices, following the bank’s security policies.Administer antivirus (AV) and Endpoint Detection & Response (EDR) platforms to ensure endpoint security posture.Analyze EDR alerts, carry out first-level investigations, and escalate potential incidents.Provide technical inputs and documentation support for ISO 20000, ISO 27001, and PCI-DSS audit activities.Coordinate the closure of internal and external IT audit findings by implementing appropriate technical fixes.Perform regular compliance checks on patches, AV updates, and EDR status; prepare and present reports.Work closely with Information Security, Infrastructure, and Risk units to strengthen endpoint security practices.Maintain logs, trackers, and dashboards related to AV/EDR compliance and endpoint protection coverage.Enforce adherence to IT Security standards, guidelines, and operational controls.Support operational teams during system hardening, upgrades, and rollout of endpoint policies.Qualifications and ExperienceBachelor’s Degree in Information Technology, Cybersecurity, Computer Science, or a related discipline.Minimum 3–5 years of hands-on experience in endpoint protection, patch management, or IT security operations.In-depth knowledge of AV/EDR tools (e.g., Kaspersky, ManageEngine EDR/AV, or equivalent platforms).Familiarity with audit frameworks and regulatory standards like ISO 27001, ISO 20000, and PCI-DSS.Strong problem-solving skills and the ability to work under pressure in a compliance-driven environment.Excellent documentation and reporting skills.