Growth in Value Alliance (GV Alliance) Partners – Our client, a large Bank located in Lagos State, is currently recruiting suitably qualified candidates to fill the position below:
Job Title: IT Information Security Analyst
- The successful candidate will monitor, assess, and fine-tune the IT business continuity and disaster recovery program, perform network penetration tests, application vulnerability assessment scans and risk audit reviews.
- He will also investigate and resolve identified systems security breaches, create comprehensive maintenance of information security policies, standards, guidelines and procedures and monitor for compliance in line with the organization’s IT security policy and applicable laws.
- Monitor and advice on information security issues related to the systems and workflow to ensure the internal security controls are appropriate and operating as intended.
- Coordinate response to information security incidents.
- Conduct data classification assessment and security audits and manage remediation plans.
- Collaborate with IT management and other stakeholders to manage security vulnerabilities.
- Perform the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.
- Create, manage and maintain user security awareness.
- Conduct security research in keeping abreast of latest security issues.
- Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
- Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
- Prepare IT security documentation, including information security policies, procedures, standards and guidelines based on compliance requirements and knowledge of best practices.
Experience and Qualifications
The successful candidate will be expected to have aptitudes, skills, knowledge and experience on the following areas:
- Extensive experience in enterprise security architecture design and enterprise security document creation.
- Solid knowledge of information security principles and practices.
- Working experience with intrusion detection systems
- Installation, configuration, monitoring and response to security system
- Understanding of advanced security protocols and standards
- Experience with IP networking, networking protocols, IPSec, VPN’s, firewalls, proxy services, DNS, email, access lists.
- Experience with internet, web, application and network security techniques.
- Proven analytical and problem-solving abilities.
- Ability to effectively prioritize and execute tasks in a high-pressure environment.
- Good written, oral, and interpersonal communication skills.
- Ability to conduct research into IT security issues and products as required.
- Ability to present ideas in business-friendly and user-friendly language.
- Experience in designing and delivering employee security awareness training.
- Highly self motivated and directed.
- Keen attention to detail.
- Team-oriented and skilled in working within a collaborative environment.
- Experience with software and security architectures
- Proactively assesses potential items of risk and opportunities of vulnerability in the network
- Experience with security practices of Intranet and Extranet
- Support day-to-day administration of various firewalls
- Knowledge management
- Entrepreneurially minded
- A good bachelor’s degree in Science, Electronic Engineering or any related discipline. (B.Sc. degree in Computer Science, Engineering discipline, Mathematics or Physics will be a distinct advantage)
- Experience within the Financial Services sector will be a distinct advantage
- Experience in managing/working with senior stakeholders.
- Experience in computer forensics is essential. Must be familiar with hacking and intrusion techniques. Prior experience with security testing and computer system diagnostics is a distinct advantage.
Strategy and Planning
The Information Security Analyst will:
- Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures) in collaboration with other team heads in the Information Risk Management unit.
- Provide leadership and work guidance to members of the Information Security team.
The post holder will be expected to work actively to achieve enterprise security goals within a set of resource constraints. He will need to:
- Have the ability to think logically and analyse complex situations for effective, sometimes out of the box solutions.
- Work with all stakeholders to develop strategic solution options and delivery plans
Communicating With Others:
- The Information Security analyst will be expected to have excellent communication skills and experience in working with sponsors and other members of the business. The following points illustrate this:
- Communication and visibility of all critical issues and their status and service restore plans
- Define team member roles and expectations, and ensure timely feedback
- Communicate the technology vision and service improvement plans to internal and external stakeholders
The operational scope of the post holder is underscored by the following functions:
- Identify security risks, threats and vulnerabilities of networks, systems, applications and new technology initiatives.
- Provide technical support in the development, testing and operation of firewalls, intrusion- detection systems, enterprise anti-virus and other automation as required.
- Ensure the confidentiality, integrity and availability of the data residing on or transmitted through the organization’s workstations, servers, systems through databases and other data repositories.
- Ensure active compliance with information security requirements.
- Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, (i.e., security tool, workstations, servers, network devices, etc.).
- Maintain operational configurations of all in-place security solutions as per the established baselines.
- Review logs and reports of all systems and devices
- Participate in the design and execution of vulnerability assessments, penetration tests and security audits.
- Provide on-call support for end users for all in-place security solutions.
People Management Development:
The successful candidate will need good people skills including:
- Build and maintain relationships with the overall team and stakeholders.
- Coach, mentor, appraise and develop team members
- 5 or more years’ experience in network, host, data, application, O/S systems enterprise environment as an IT Security Analyst, Information Assurance Analyst or Information Engineer
- 3 or more years’ experience in leading technical teams
- Cisco certification (CCNA, CCNP)
- Desired Technical Knowledge: UNIX, AIX, Linux, Cisco Network IDS, Cisco Host-based IDS, DES encryption, Digital Certificates, SSL, VPN, IPSec, TCP/IP, DNS and web security architecture, mySQL, subversion, SpamAssassin, Nmap, Nikto, Nessus, Paros.
Application Closing Date
5th February, 2018.
How to Apply
Interested and qualified candidates should send their CV’s to: [email protected] with “Information Security Analyst” as the subject of the mail.