SUMMARY
Information Security Analyst will be responsible for developing and implementing Information Security program, policy and relevant security standards Information Security Analyst will design proper security controls to protect the bank’s informational assets against confidentiality, integrity, and availability loss. Monitor, track and report all control weaknesses and violations for security policy and standards. Information Security Analyst also responsible for designing and implementing security controls and framework for infrastructure, databases, internal applications, vendor and third-party applications and cloud solutions.
JOB FUNCTIONS/DUTIES AND RESPONSIBILITIES
1. Configure Manage, Monitor Security tools and System for the Bank.
2. Assists in defining, creating, and implementing banks Information Security Policy/Standards, Guidelines
3. Work under ISO’s supervision to define and implement Information Security Program and Monitoring Strategy.
4. Install, configures and administers Information Security technologies intended to protect the bank’s digital assets.
5. Monitors all Information Security related systems intended to provide incident reporting.
6. Responds to Information Security incidents.
7. Responsible for automation of security reports, tools, ISO Dashboard and KRIs
8. Design Share Point applications & Integration of Security systems reporting.
9. Review and approval all system configuration changes, updates according to the Banks procedures.
10. Review compliance with the information security policy and standards.
11. Provides periodic reporting on information security issues and gaps
13. Performs all Information Security related functions as assigned by ISO
14. Provide high quality work by ensuring accuracy and seeking to continuously improve Information Security
processes by embracing new and better ways of doing things.
REQUIREMENTS
1. Bachelor’s degree or equivalent.
2. Strong understanding of IP Network, Microsoft Windows
3. Good knowledge of Cyber Risk and Technology Risk Controls, Third Party Vendor Risk.
4. Microsoft SharePoint, GRC Tool, NIST, ISO framework
5. Basic knowledge of firewalls, switches, routers and other network technologies.
6. 1 to 3 years’ experience in Information Security field
7. Strong skills in Vendor/Third-party security controls, security auditing tools
8. Strong project management skills, technical writing and presentation skills
9. Office 365 Tools, Excel, PowerPoint, Teams
10. CEH, Security+ type of certifications are plus
PHYSICAL DEMANDS
No special requirements
