Saturday, April 27, 2024
HomeJob Vacancies
Eric Appiah

Latest Posts

Latest Job Announcement at Absa Bank


Latest Job Announcement at Absa Bank

ROLE TITLE: IT Security Engineer

A career with our family offers the opportunity to be part of this exciting growth path, reset our future, and create our destiny as a proudly African business, with over 100 years of rich heritage and a solid position as a local bank with regional and worldwide expertise.

My Professional Development Portal: We are here to help you at every stage of your career. Create your own future. Discover cutting-edge guidance, resources, and support to help you reach your full potential. Absa is your name.

Job Description

The IT Security Engineer is responsible for developing, implementing, and monitoring security protocols to safeguard the Bank’s digital assets, IT infrastructure, networks, systems, and data. This function entails proactive prevention, detection, and response to security breaches, vulnerabilities, and incidents, as well as maintaining information confidentiality, integrity, and availability.

It is your obligation to resolve these problems as quickly as possible through patch applications and other security procedures. This role is responsible for end-to-end IT security for the Enablement function, in accordance with Absa’s security policies and practices.

To guarantee timely and efficient resolution of security issues, close communication with cross-functional teams, particularly Cybersecurity, Enablement Risk and Governance, and Absa Regional Operations (ARO) Security and Risk functions, is required. The goal of this collaboration is to reduce the Bank’s vulnerability to potential threats and attacks.

Position Description

Policy Development and Enforcement (15%) Accountability

This comprehensive function includes not only implementing security solutions, but also developing, communicating, and enforcing security policies and standards. Your contributions will be critical in establishing a security-conscious atmosphere, minimizing risks, and assuring the security and compliance of the Bank’s IT systems, networks, and data with industry laws and best practices.

Security Policy Development and Implementation:

  • Create, revise, and update security policies, standards, and procedures in accordance with the Bank’s policies, industry requirements, best practices, and organizational goals.
  • Make certain that rules reflect the bank’s risk tolerance and are adapted to unique security challenges.
  • Iteratively improve security policies by regularly evaluating their performance through feedback, incident analysis, and industry benchmarking.

Policy adherence and auditing:

  • Ensure that security rules and standards are followed and enforced throughout the organization.
  • Conduct audits and assessments on a regular basis to discover policy infractions and offer corrective actions.

Analysis of Policy Gaps:

  • Conduct gap analyses on a regular basis to identify places where security rules need to be adjusted or improved to address new dangers or technology.
READ ON:  First National Bank Invites Job Applications 

Advocacy and Communication for Policy:

  • Act as a security policy champion, and educate stakeholders on the necessity and relevance of security policies to the organization’s security posture.
  • Engage with legal, compliance, and other relevant departments to ensure that security policies are consistent with overall business goals.

Security Education Campaigns:

Lead or participate in security awareness programs, creating compelling material and activities to educate staff about policy changes and best practices.

Stakeholder Management (15%) is held accountable.

  • Identify, analyze, and comprehend the expectations of key stakeholders.
  • Effective stakeholder management across the information security lifecycle.
  • Consultations with the Accountable Executive/sponsor to report on progress on the IT security posture, escalate issues, and so on.
  • When necessary, communicate with various enterprises and other enablers to support IT security-related operations.
  • Prepare and deliver presentations to executive leadership on security policy, incidents, and improvements.
  • Technical security principles should be translated into business-friendly language for executives and non-technical stakeholders.
  • When adopting new security rules or practices that impact established workflows, facilitate change management processes.
  • Assist teams in adjusting to changes, addressing issues, and ensuring smooth transitions.
  • Collaborate with external partners, vendors, industry groups, and regulatory authorities to harmonize security practices and share policy formulation and enforcement information.
  • Customize security policy communications and engagement techniques for various audiences inside the company to ensure effective understanding and acceptance.
  • Address security policy conflicts and controversies by focusing on finding common ground that balances security requirements and operational considerations.
  • Seek feedback from stakeholders in order to strengthen security rules and close gaps that may emerge from real-world implementation.
  • Collaborate with communication teams during security events or breaches to ensure accurate and honest communication with stakeholders while retaining trust and credibility.

Accountability for everything listed below (60%)

  • Conduct regular vulnerability assessments across the organization’s technological ecosystem using automated scanning technologies, manual testing, and other ways to uncover security flaws.
  • Analyze and evaluate vulnerability scan data in order to prioritize and resolve discovered issues.
  • Keep up to current on the most recent threat landscape, upcoming vulnerabilities, and attack vectors.

Patch Administration:

  • Plan and execute patch management strategies in collaboration with system administrators, developers, and other stakeholders.
  • Before deploying patches, ensure that they are compatible and have minimum impact on systems and services.
  • Create and follow a detailed patching program to ensure the timely distribution of security patches.
READ ON:  Head Strategy & Innovation

Planning and Execution of Remediation:

  • Assess the risk associated with identified vulnerabilities and collaborate with relevant teams to create effective remediation plans.
  • Provide explicit instructions and recommendations on patching and mitigation techniques to system owners and administrators.
  • Track and monitor the progress of vulnerability mitigation efforts, escalating serious vulnerabilities as necessary.

Response to an Incident:

  • Take part in incident response by identifying vulnerabilities that may have contributed to security events and breaches.
  • Contribute to the creation of incident response strategies and vulnerability management practices.

Reporting and documentation:

  • Keep accurate and up-to-date records of vulnerabilities, patches installed, and results.
  • Create regular and ad hoc reports for management and important stakeholders on vulnerability assessment findings, patching status, and overall security posture.

Continuous Enhancement:

To adapt to shifting threat landscapes and technological contexts, continuously examine and improve vulnerability assessment and patching methods.
Based on an examination of vulnerabilities and their potential impact, provide insights and recommendations for security solutions.

Integration of Threat Intelligence:

  • Stay up to date on the newest threat information, vulnerabilities, and exploits by following credible sources.
  • Incorporate threat intelligence into vulnerability assessments to find vulnerabilities that cybercriminals are actively targeting.

Validation and testing:

  • Work with the testing team to ensure that patches are extensively tested in a controlled environment before they are applied to production systems.
  • Create and run testing scenarios to ensure that fixes are successful in addressing identified vulnerabilities.

Communication and coordination:

Serve as a liaison between several teams, including IT, development, and security, to facilitate seamless patching coordination.
Effectively communicate with stakeholders about the importance of patch deployment, potential hazards, and required downtime.

Required Education and Experience

  • A bachelor’s or master’s degree in computer science, information technology, or a closely related discipline is required.
  • Certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), and CompTIA Security+ are examples of professional credentials.
  • Knowledge of network protocols, firewalls, intrusion detection/prevention systems, and security technologies is required.
  • Knowledge of operating systems (Windows, Linux), network architecture, and cloud security is required.
  • Excellent problem-solving abilities as well as the capacity to respond promptly to security problems are required.
  • Strong communication skills are required to collaborate effectively with team members and stakeholders.
READ ON:  Laundry Attendant at Peduase Valley Resort

Knowledge & Skills: (At least 3)

  • Extensive knowledge of IT security management best practices and disciplines
  • Knowledge of the bank’s systems, goods, and services
  • Experience managing activity across the whole IT security lifecycle while utilizing modern technologies, structured techniques, and a quality methodology
  • Governance, control, and risk management exposure
  • Proven ability to work effectively in teams at all levels.
  • Strong knowledge of common security flaws, attack routes, and mitigation solutions.
  • Expertise in vulnerability scanning and assessment tools.
  • Knowledge of patch management processes and tools.
  • Excellent knowledge of network protocols, operating systems, and application architectures.
  • Excellent analytical and problem-solving abilities.
  • Effective communication skills are required for collaboration with both technical and non-technical parties.
  • Ability to operate both independently and collaboratively.
  • Knowledge of legal regulations and security standards (for example, GDPR, ISO 27001, PCIDSS) is advantageous.

Competencies: (A minimum of three)

  • Leadership and management
  • Exceptional service and a focus on results.
  • Excellent analytical, evaluative, and problem-solving skills.
  • Ability to work under pressure and within tight deadlines.
  • Excellent task organization and self-direction, as well as time management abilities.
  • The ability to establish and manage priorities.
  • It is critical to stay current on technology changes.

Education

  • Physical, mathematical, computer, and life sciences higher diplomas are required.

How to Apply for this Job at Absa Bank

Click Here to Apply Online

Closing Date: 26th September 2023

RECOMMENDED

JOIN WHATSAPP

For daily job alerts and guide to worldwide visas, join our WhatsApp and Telegram group

CLICK HERE TO JOIN THE WHATSAPP CHANNEL

CLICK HERE TO JOIN THE WHATSAPP GROUP

CLICK HERE TO JOIN THE TELEGRAM GROUP

CLICK HERE TO JOIN OUR FACEBOOK PAGE

 

NOTE:

UNDER NO CIRCUMSTANCE SHOULD AN APPLICANT PAY MONEY TO ANYONE IN GETTING A JOB WE HAVE PUBLISHED 

Eric Appiah

RELATED ARTICLES

Latest Posts

Don't Miss

Contact us

NewsNowGh serves as a reference point for accurate information. Our news comes in the form of traveling visas, scholarships, work permits, and visa-sponsored jobs.

Contact us: info@newsnowgh.com