2.Works closely with the SOC team to ensure integration of controls and with Cybersecurity team to ensure that core control systems are adequately protected.
3.Plays a pivotal role in security architecture and works closely with applications, E-channels team and developers to ensure that access is authenticated and authorized correctly with the right number of factors while being integrated with directory services.
4.Assist the team in ensuring that we follow best practices with AAA and directory services.
5.Policy, standards and procedures creation and organisational acceptance.
6.Must have programming experience to be able to ensure secure systems development throughout the complete system life cycle.
7.Works with the Infrastructure team to ensure that Backup and DR are based on sound security principals that take business into account.
8.Consults with functional unit management and personnel to identify, define and document business needs and objectives, current operational procedures, problems, input and output requirements, and levels of systems access to ensure proper control of digital assets by creating standards, roles and lists and groups that enforce good security principals;
9.Researches, recommend and review new IT security systems and solutions to ensure the Bank uses modern solutions to address exposure to fast-changing global security risks and make recommendations to IT Management for medium to long term planning;
10.Identifies opportunities for improving business processes through information systems and non-system driver changes; assists in the preparation of proposals to develop new systems or operational changes;
11.Creates and implementing security-related disaster recovery plans by conducting disaster recovery planning and testing on controls within the scope of the role, in case of a disruption to business operations ensuring that at least the same level of security exists during disasters and their aftermath and where not possible that business is aware of the risk and its potential impact;
12.Continuously make all staff in radar more aware of their responsibility in making the organisation more secure. Attention should be focused primarily on staff whose duties gives them privileged access or whose functions can make or break security and privacy;
13.Documents security systems technically and administratively;
•Bachelor’s Degree in Computer Science or Diploma in Information Systems with five years of Information Security experience in a Security Engineering role
•As many Security Industry related Certifications as possible, e.g. CISSP, CISA, CASP+, CEH, OSCP, any GIAC, any SANS.
•Programming qualifications in relevant languages with emphasis on secure coding
•Product Specific Qualifications like Cisco Security Certs, CCSA/E, F5-CA/CTS/CSE, Fortinet NSE4-8 but some specifically in Privileged Identity Management, Identity Management and Access Control including MFA and SSO systems. DLP qualification.
•Proof of continuous learning
•Understanding and knowledge of control frameworks ISO 27002 and CIS
•Information Security Engineering Experience
•Information Security Architecting Experience
•Solid Experience in the following a must:
oPrivileged Identity Management and control
oAD, AAA & Access control systems
oMulti-Factor Authentication systems
oSAML & OAuth
oBackup systems & DR
•Strong Administrative Experience on mentioned security tools
•Development experience to work with developers
•Technical writing including the creation of policies, standards, procedures & guidelines
•IT Security Audit fundamentals
•Sound IT Security systems concepts and principles
•Complex modelling techniques
•Analytical and conceptual expertise
•Identity & Access Management
•Privileged Identity Management
•Planning, documentation, analysis and business requirements management techniques
•Evaluation of profitability/risk
•Testing, verification and validation techniques
•Creation of the Business Requirements Document
•Administrative and reporting abilities
•Knowledge of business processes within the context of Financial Services
•Improvement of business and engineering processes
•Confidentiality, ethical behaviour, privacy & integrity
•Policies, procedures, standards and guidelines
•Secure coding practices
•IAM & PAM
•Ability to formulate concepts
•Communication of technical information to a non-technical audience
•Communication of business information to a technical audience
Compliments of the New Year to all Jobs Botswana Subscribers. Get your CV and Cover letter done for P100.
Pay with Orange Money on number 76981238 or EWallet to 76981238
Contact us on Whatsapp - 76981238. (Only WhatsApp)
CLICK LINK BELOW TO CHAT DIRECT ON WHATSAPP