Under the direction of the CISO, incumbents assigned to this classification ensures the following:
Responsibilities
- Daily monitoring and log review to check for any malicious activity, alert and notify stakeholder/s for any incidents/events
- Maintain a tracker of new, open/existing and closed vulnerabilities, including the exception waiver (REA)
- Validation of the remediation done before closing the vulnerabilities
- Validate the exception waiver (REA) and check if compensating control in place to mitigate the risk of non-remediation.
- Act as a liaison with 3rd party service provider for the services and scope of work to be performed and shadow
- Coordinate with ITG for the resources need to successfully perform the external VAPT to be conducted
- Maintain a tracker of identified vulnerabilities and track remediation
- Conducts technical assessments to continually challenge the Bank's defenses and controls against cyberattack.
- Prepare the report on the results of the assessment to be submitted to CISO for reporting to ROC
- Third-party information security assessments
- Information security risk assessments
- Policy formulation, review and updating
- Awareness of compliance and risk accountabilities at all times
- Observe strict compliance with existing bank guidelines and policies applicable
Qualifications:
- Bachelor's degree in any IT or Engineering-related course
- With at least three to five years of combined experience in Banking Information Security, Information Technology or any related field
Competencies:
- IT Infrastructure
- Information Systems Best Practices
- Security Infrastructure
- Industry Standard Certification CEH, CISSP, MCSE, Comptia Sec+ (preferred)
- Oral and Written Communication Skills
- Interpersonal Effectiveness
- Risk Awareness
