Recruitment at Stanbic IBTC Bank for an Officer, IT Security (CSOC Analyst)
Stanbic IBTC Bank is a leading African banking group focused on emerging markets globally. It has been a mainstay of South Africa's financial system for 150 years, and now spans 16 countries across the African continent.
Standard Bank is a firm believer in technical innovation, to help us guarantee exceptional client service and leading edge financial solutions. Our growing global success reflects our commitment to the latest solutions, the best people, and a uniquely flexible and vibrant working culture. To help us drive our success into the future, we are looking for resourceful individuals to join our dedicated team at our offices.
We are recruiting to fill the position below:
Job Title: Officer, IT Security (CSOC Analyst)
Job ID: 37366
Location: Lagos Island, Lagos
Job Sector: Information Technology and Services
Job Details
- Group Information Technology: systems development, business analysis, architecture, project management, data warehousing, infrastructure, maintenance and production.
Job Purpose
- Responsible for performing security monitoring and incident handling to ensure the Confidentiality, Integrity and Availability of information assets for the Standard Bank Group.
Key Responsibilities/Accountabilities
Engagement:
- Partner with relevant stakeholders to maintain and improve the security posture of Business and IT.
- Develop appropriate measures to understand the effectiveness of securing the bank through the availability of systems.
Service Delivery:
- Perform monitoring via the Security Information and Event Management (SIEM) tool as well as from external sources (e.g. telephone or email).
- Update the Case Management tools with evidence trails of all analysed incidents.
- Document results of incidents.
- Escalate and provide feedback on incidents as per Incident Handling Classification Standard and process.
- Provide support to Lead Analyst and coordinate activities in support of Incident Containment.
- Report on false positives and escalate those to the Lead Analyst for verification.
- Undertake incident analysis, tracking, recording, and response.
- Work with or assist other Cyber Security Incident Response Team (CSIRT) members in analysis activities.
- Report new attack types or suspicious activity to the Lead Analyst.
- Interact with the CSIRT team by assignment from Lead Analyst or Manager of Cyber Security Operations Centre.
Mitigation of Risk:
- Continuously report on incidents identified via the SIEM.
- Spot patterns across a number of systems to provide advanced warning on new threats.
- Have an in-depth knowledge of Stanbic IBTC’s policies, procedures, or overall IT environment. Adherence to all applicable Policies and Procedures is mandatory.
Reporting:
- Ad- hoc compilation and submission of M.I.S reports.
- Security incidents reporting
Internal & External Relationship
Information Technology:
- Impact the whole business unit
Internal Audit & Internal Control:
- Limited to their department only
- Description or examples: Click here to enter text.
Service Providers:
- Manage the relationship
- Description or examples: Engagement with IT Security Service providers to ensure best value for money
Preferred Qualification and Experience
Qualifications:
- First Degree IT and Computer Sciences
- MCSE / CISA / CISM / CISSP etc would be beneficial
Experience:
- 3-4 Years experience in Configuration, optimization and security monitoring of incident handling to ensure the confidentiality, integrity and availability of information assets
- 1-2 Years Experience in TCP/IP, HTTP, network access controls, security principles
- Proven ability in the incident management and software development lifecycles
Knowledge/Technical Skills/Expertise:
- Understanding of the CSOC and CSIRT objectives and requirements.
- Working knowledge of the IT and IT Security field including TCP/IP, HTTP, encryption, network access controls, intrusion detection and prevention systems.
- Working knowledge of relevant Operating Systems.
- Demonstrate knowledge of standards associated with the role, e.g. ISO, CobiT, ITIL.
- Understanding of incident management and case management technologies (ticketing systems).
How to Apply
Interested and qualified candidates should:
Click here to apply