Information Security Analyst

To perform expert analysis of real time and historic events in order to discover security anomalies, identify violations, conducting forensic investigation and raise and manage an incident to closure. The position also involves identifying system vulnerabilities, proactively analyzing, identifying and detecting system risks, change management security review, infrastructure baseline review as well as compliance review of projects.

Conduct periodic vulnerability assessments and coordinate internal and external penetration tests.

Configure and conduct infrastructure baselines compliance tests.

Participate in the pre-production review of applications/technical systems in order to ensure that all security requirements are incorporated prior to system going “live”.

Develop and ensure technology baselines for the secure management of systems across all platforms such as Operating System, Data Bases, application etc.

Advise, and recommend security features and appropriate levels of security controls for all IT systems and infrastructure.

Update/create security baseline documents for systems such as firewalls, various operating systems, databases, etc.

Research patch updates for technology used in the bank and reclassify based on criticality.

Evaluate new security and risk technology for implementation

Provide technical guidance to IT Department staff about risks and control measures associated with new and emerging information systems technologies.

Evaluate information systems bug reports, security exploit reports, and other information security notices issued by information systems vendors, CERT and makes recommendation to IT Department technical staff to take precautionary measures.

Respond to inbound calls, receive e-mails, work on monitoring tools and handle the information security events.

Proactively detect and report signs of intrusion and malicious behavior once detection has been made the analyst should take ownership and manage the incident or handover to next shift or Senior Security Analyst.

Security events should be assessed, prioritized and differentiated between potential intrusion attempts and false alarms.

Monitor unauthorized use or leakage of credit card information and other sensitive data from the Bank, phishing attacks and other malicious activities that could bring about a reputational damage for the bank, unauthorized access to Bank’s critical information that is mandated by the management.

Monitor SIEM system and identify any threats which require further investigation.

Provide incident response to information security alerts events.

Immediately report any significant security breaches to the Manager, IS Managers or Head of IS; participate and work on any investigation as assigned by Manager, IS Managers.

Will be required to identify and escalate incidents as set out in the Incident handling procedure.

Investigating security incidents and report root causes, the related weaknesses and recommend remedies with the Senior Security Analyst to mitigate or control / prevent malicious activity taking place / reoccurring.

Keep Information Security incident register updated with appropriate actions such as root causes, next steps as well as reoccurring offenders or events.

Work with SOC manager on any investigations concerning security incidents, breaches to the banks data, network, applications, databases or other systems. Understand how to Collect, Examine, Analyze and Report

Work with Senior Security Analyst to conduct design and architecture reviews, in conjunction with the respective Technical Security team and recommend enhancements where necessary.

Support the other IS Security teams during product evaluations to select adequate security services and solutions

Work with the IS teams to keep security posture raised as well as on various projects as assigned by Manager – Threat Management & Advisory.

2-3 years of experience in a Banking industry or similar environment, from a demanding service industry where employees are required to work under pressure

Bachelor’s degree in Computer Science or equivalent, e.g. diploma (mandatory).

CISSP/CISA/GCIH/CHFI

Candidate should have an insight of system and network attack and intrusion techniques.

Experience in analysis of Firewall logs, router logs, syslog, and network/host-based Intrusion Detection/ Prevention systems (IDS/IPS).

Experience with event monitoring and analysis of events presented on a Security Information Management/Event Management System (SIM/SEM)

Understanding of general IS/IT best practices and principles are required.

Knowledge of information security, such as risk/vulnerability assessment, data classification and industry standard frameworks such as ISO 27001, PCI-DSS would be an advantage.

Knowledge of firewalls, network components such as router/switches and related protocols, intrusion prevention systems, antivirus software, web content filtering, database products.

The incumbent should also have understanding of the vulnerabilities in operating systems, databases and applications and should develop the technical knowledge necessary to mitigate these vulnerabilities.

Experience and understanding of network topologies, protocols, malware, botnets, and antivirus software.