Job Purpose To plan, organize and lead a team to deliver cost-effective and efficient IT security controls to protect and defend the bank’s systems against any internal and external threats
Protect the bank by designing and implementing security controls in all NMB systems, servers, workstations and databases.
Establish proactive identification of security incidents by automating and building security tools necessary to detect incidents and provide the appropriate notifications.
Implement security governance by defining, developing, implementing, and maintaining required security policies, procedures, standards, and guidelines.
Provide ownership of protection of NMB data by implementing security controls designed to protect the bank from loss of data.
Assist the bank in complying with PCI standard by leading the implementation of security controls in the card space.
Provide security assurance of all applications implemented at the bank by establishing application security requirements and designs, validating implementation of security designs, conducting applications code reviews and security assessments to eliminate security vulnerabilities.
Establish, maintain and implement optimal security configurations of all servers OS, workstations OS, virtual environments, databases, middleware, and applications.
Conduct research and make recommendations on systems security solutions, services, protocols, standards and best practices in support of systems security continuous improvements.
Provide “ownership” of security incidents and problems to the final resolution for all the servers, workstations, and Virtual environments, Databases, Middleware and Applications.
Provide both management and technical systems security statistics and reports to aid in management decisions.
Maintain an inventory of security systems, hardware and software used by the bank.
Support continuous security monitoring efforts of all systems within the bank to detect and resolve security incidents and violations.
Prepare and maintain systems security documentations including security architecture and designs.
Implement security improvements by continuously assessing the implemented controls, evaluating security risks and anticipating requirements.
Knowledge of systems security standards and baselines in Operating Systems, Virtual environments, Databases, middleware and applications; Hands-on experience in installing and troubleshooting the same.
Computer Programming knowledge;
Knowledge of PCI security standards is mandatory.
Demonstrated leadership and personnel management skills.
Good interpersonal, written, and oral communication skills in English and Swahili.
Demonstrable honesty, integrity and credibility; ability to engender the trust and confidence of internal constituency and external partners.
Ability to communicate complex security concepts in an easy to understand business language.
Qualifications and Experience
Bachelor’s degree in Computer Science or related academic field.
Preferred professional certifications such as CEH, OSCP, GPEN, CISSP or any other relevant security certifications.
At least 5 years of relevant work experience.
Solid systems security experience especially in areas such as UNIX/Linux, Windows, VMware, Hyper-V, Oracle & Microsoft Databases and WebLogic.
Experience in scripting and automation using PowerShell and Bash/Shell Scripting.
Hands-on experience in Computer Programming specifically in either Java, PHP or Python.
NMB Bank Plc is committed to creating a diverse environment and is proud to be an equal opportunity employer.
Please be advised that if you are not contacted within 14 working days of the advert closing date, then you have not been shortlisted.
“NMB Bank Plc does not charge any fee in connection with the application or recruitment process. Should you receive a solicitation for the payment of a fee, please disregard it.” Deadline: 2019-09-23