Vacancies at Stanbic IBTC Bank

Job Description

To ensure that incoming and existing systems and services meet the best cyber security standards. This will involve setting security requirements and baselines, evaluating design proposals, working with other technical leads (internal and external) to mitigate risk

Qualifications

• First degree
• CISSP, CISM, ISO 27001 Lead Implementer, etc would be beneficial

Experience

• Experience with AWS and Microsoft Enterprise, Mobility & Security Suite.
• IT Security experience / Communication or Network experience

Competencies

• Excellent communication skills
• Excellent reporting skills
• Strong analytical and problem-solving skills
• Good network experience
• Strong customer focus and ability to manager client expectations

===

===

Job Description

Responsible for the implementation of technical controls and remediating gaps where identified in the protection of digital assets within the business network. Ensure that any initiatives developed or acquired meet stringent standards while enabling rapid innovation to meet customers ever-changing needs. Collect, analyse and implement business rules based on recommendations for optimization in line with trending information and cyber threats. Provide operational IT Security support to ensure that the bank is not compromised in anyway. Ensure that all incidents are responded to, actioned and resolved within the required MTIR. Also ensure that calls are escalated and communicated to the required support area and user.

Minimum Qualifications

• First Degree
• Field of Study: IT and Computer Sciences
• Professional certification is an added advantage

Minimum Experience

• Minimum of 3 years experience and knowledge of Security Operation, Endpoint management, Network Security and Vulnerability management.
• Extensive knowledge of TCP/IP protocol stacks, firewalls (Checkpoint and ASA), switches and routers.
• Extensive knowledge of Windows and Linux Operating Systems and cloud computing / cloud security

Behavioural Competencies

• Generating Ideas
• Team Working
• Upholding Standards
• Completing Tasks

Technical Competencies

• Manage  and provide expert advice on, the selection, design, justification, implementation and operation of information security controls
• Manage strategies to maintain the confidentiality, integrity, availability, accountability and relevant compliance of information systems.

===

===

Job Description

To ensure that incoming and existing systems and services meet the best cyber security standards. This will involve setting security requirements and baselines, evaluating design proposals, working with other technical leads (internal and external) to mitigate risk

Qualifications

• First degree
• CISSP, CISM, ISO 27001 Lead Implementer, etc would be beneficial

Experience

• Experience with AWS and Microsoft Enterprise, Mobility & Security Suite.
• IT Security experience / Communication or Network experience

Competencies

• Excellent communication skills
• Excellent reporting skills
• Strong analytical and problem-solving skills
• Good network experience
• Strong customer focus and ability to manager client expectations

===

===

Job Description

Oversight responsibility for defining, monitoring, and reviewing which types of business or information behavior should trigger alerts of suspicious malicious behavior, information or cyber breach or unauthorized system changes on your network.

Minimum Qualifications

• Type of Qualification: First Degree
• Field of Study: Information Technology
• Minimum of 5 years experience in IT is required
• Define, monitor, review, and report on performance of security incident and event monitoring business rules.
• Collaborate with key stakeholders in providing investigation information of suspicious activities. Oversee incident analysis, tracking, recording, and response.
• Oversee Cyber Security Incident Response Team (CSIRT) members in analysis activities.
• Manage the Cyber Security Operations Centre.
• Coordinate the SOC team to spot patterns across several systems to provide advanced warning on new threats.

Behavioral Competencies:

• Excellent communication and skills, written and verbal.
• Attention to detail.
• Strong analytical and problem solving skills.
• Ability to work independently as well as part of a bigger team.
• Ability to multitask at any given time.
• Pro-active.
• Strong interpersonal capabilities.
• High level of integrity.
• Ability to work under pressure.
• Disciplined.
• Ability to follow policies and procedures.
• Time management skills.

Technical Competencies:

• Understanding of the CSOC and CSIRT objectives and requirements.
• Relevant IT certifications: CISSP, CISM, ISO27001 LI etc
• Working knowledge of the IT and IT Security field including TCP/IP, HTTP, encryption, network access controls, intrusion detection and prevention systems.
• Working knowledge of relevant Operating Systems.
• Demonstrate knowledge of standards associated with the role, e.g. ISO, CobiT, ITIL.
• Understanding of incident management and case management technologies (ticketing systems)

===

===

Job Description

Ensuring
 that
any
software
developed
or
acquired
meets
stringent
 standards
while
enabling
rapid
innovation
to
meet
customers’
ever changing
needs. Ensuring that all incidents are responded to, actioned and resolved within the required MTTR. Also ensure that calls are escalated and communicated to the required support area and user. It is imperative that the necessary housekeeping takes place on an hourly/ daily/weekly/monthly basis as per the job requirements. Provide high level competency with regard to mainframe IT security systems.

Minimum Qualifications

• First Degree in any Science Courses
• Professional certification (CEH/CISM/CISSP) would be beneficial

Minimum Experience

• Minimum of 5 years experience
• IT Security experience / Communication or Network experience will be beneficial

Behavioural Competencies

• Problem Solving
• Planning
• Decision making
• Interpersonal skills

===

===

Job Description

Responsible for simulating cyber-attacks to identify and exploit vulnerabilities within the
organization’s IT infrastructure, applications, and networks. This role focuses on offensive security techniques to test the effectiveness of security controls and improve the organization’s overall security posture.

Qualifications

• Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field.
• Relevant certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified
• Professional (OSCP), GIAC Certified Incident Handler (GCIH), or equivalent are preferred.
• Experience in cybersecurity, with a focus on red team activities, vulnerability assessment, and penetration testing. Hands-on experience with VAPT tools such as Nessus, Burp Suite, Metasploit, and OWASP ZAP.
• Extensive knowledge of Security Operation, Endpoint management, Network Security and Vulnerability management. Extensive knowledge of TCP/IP protocol stacks, firewalls (Checkpoint and ASA), switches and routers. Extensive knowledge of Windows and Linux Operating Systems and cloud computing / cloud security

Additional Information

• Penetration Testing
• Red Team Exercises:
• Vulnerability Assessment:
• Reporting and Documentation:
• Tool Development and Maintenance:

===

===

Job Description

To be part of the Information security team, interfacing with projects, technical leads, and other members of the technical architecture team. To ensure that incoming and existing systems and services meet the best practice referenced security architectural standards. This will involve setting security requirements and baselines, evaluating design proposals, working with other technical leads (internal and external) to mitigate risk. Be a point of contact for Information security advice within the team and engaging stakeholders throughout Stanbic IBTC.

Qualifications

• B.Sc. in any Science Courses
• Demonstrable understanding of Information Security control standards and frameworks e.g. ISO27001, NIST, PCI DSS.
• Holding the following certifications, CISSP, TOGAF, ISO 27001 Lead Implementer etc would be beneficial.
• Experience with AWS, Microsoft Azure and M365
• IT Security experience / Communication or Network experience will be beneficial.
• Basic knowledge of application security concepts will be beneficial.
• Experience of Cloud Security solutions and standards is highly beneficial

Additional Information

• Holds ownership and responsibility for the Information / cyber security area of Stanbic IBTC digital architecture, providing technical leadership for on-going development of digital solutions; works with internal and external stakeholders, assisting projects and programmes by coordinating the cyber security architecture, requirements, design and implementation thereby ensuring consistency and compliance with relevant architectural principles, policies and standards.
• Design, build, and document defense in-depth security solutions in response to business requirements (including risks, costs, implications, opportunities, etc)
• Acts as the Information / cyber security technical lead in product and vendor selection providing the security evaluation of products, options, and responses to tenders.
• Enhances security team accomplishments and competence by driving delivery   of solutions, providing technical and procedural guidance in resolving complex architectural problems.
• Determines security requirements by evaluating business strategies and requirements, researching information security standards and architectural best practices.

Deadline: Not Stated

How to Apply: Use the links below to apply: