JOB DESCRIPTION / ROLE
Description
1. Design, implement, and maintain cloud security measures for public and private cloud infrastructure platforms. This includes securing virtual machines, storage systems, networks, or cloud resources.
2. Develop and maintain security baselines for all information systems and ensure regular maintenance and update of all baselines inventory bank wide.
3. Perform regular baseline scans or reviews as applicable to ensure compliance with the developed security baselines and follow up on mitigating the identified gaps and findings.
4. Support the implementation of different security projects and initiatives through defining the necessary security requirements in full alignment with security policies and industry requirements.
5. Contribute to the design and implementation of security controls and technologies including but not limited to firewalls, intrusion detection and prevention systems, access controls, and cryptographic mechanisms to strengthen the bank's security posture.
6. Conduct comprehensive reviews for security controls and configurations in alignment with bank policies, compliance and regulation mandates, and industry best practices.
7. Effectively participate in the change and release management process to ensure adequate security controls are applied before go-live.
8. Review and approve access control requests over different technology platforms and network security infrastructure to ensure adequate application of the approved security policies (e.g., firewall rules change review).
9. Participate in the new server provisioning process to ensure conducting the needed security checks and ensure closure of any identified gaps before production deployment.
10. Ensure proper management and enforcement of privileged accounts over different technology layers (operating system, database, application) including account designation and implementation of privileged access control requirements.
11. Review and approve privileged access related requests including but not limited to generic accounts creation, privileged access management access, and access to existing accounts.
12. Assess and provide recommendations for IT and cyber security policy deviation requests and ensure proper tracking of the same.
Requirements
- Bachelor's degree in computer science, information security, or a related field. A master's degree is preferred.
- 3-5 years (5-8 for senior roles) of proven experience in security domains.
- Strong knowledge of operating systems principles, secure design principles, and common security vulnerabilities.
- Strong technical experience and knowledge of several cybersecurity technologies including firewalls, IDS/IPS, DLP, endpoint security, data encryption, database security, web and email filtering, vulnerability scanners, code analysis tools, etc.
- Knowledge of industry regulations and standards such as CIS benchmark, ISO 27001, NIST, OWASP, etc.
- Experience conducting security assessments, vulnerability testing, and risk assessments.
Mandatory Certification
- CISSP
- CCSP or CCSE
- Technical certification such as Cisco, Palo Alto, F5, etc.
Recommended Certification
- CISM
- CSSLP
- CEH
- Security+
- GIAC certificates
- Strong communication and presentation skills.
- Strong problem-solving and analytical skills.
- Proficient verbal and written English.
- Time management skills.
