Manager – Threat and Vulnerability Management

  • Full Time
  • Colombo
  • Applications have closed

Nations Trust Bank PLC

Job description
The candidate in this position will be responsible for overseeing the following job responsibilities in our Information Security Unit.

Job Profile
• Lead the Threat and Vulnerability Management function of the Bank
• Manage and conduct external and internal vulnerability scans, penetration tests and special application security reviews as necessary, and ensure findings are remediated in a timely manner as per agreed-upon timelines and policies.
• Conduct technical security risk assessments as necessary and track remediations
• Ensure latest threats and critical vulnerabilities are identified, communicated and necessary controls are implemented to reduce exposure to zero-day attacks
• Drive red team/blue team initiatives
• Manage and conduct configuration compliance reviews and establish hardening guidelines
• Conduct periodic reviews of existing processes and technical infrastructure and suggest / re-engineer required processes for security improvements
• Validate and triage identified vulnerabilities and track remediation efforts to their completion.
• Participate in rapid action efforts or other emergency response as needed.
• Knowledge of PCI-DSS requirements and compliance

Special Skills
• Understanding of the attacker kill chain, common exploitation techniques and mitigations
• Experience implementing, managing, and supporting vulnerability management platforms.
• Knowledge of the MITRE framework, web application/API/mobile security and Zero Trust
• Willingness to pursue required professional certifications/qualifications
• Knowledge of DLP, PAM, SIEM, EDR/XDR, ZTE, SWG would be an added advantage

Experience & Qualifications
• Minimum of 5-8 years’ experience with at least 3 years of hands-on security experience related to Threat, Vulnerability and Security assessments.
• Technical security certifications such as CISSP, CCSP, CompTIA Security+, CREST – Certified web applications tester, CEH, Offensive Security certifications
• A Cyber Security or IT related Degree from a recognized institution or relevant professional qualification from a recognized professional body
