Our banking client is currently recruiting a IT Security Officer, to be based in Khartoum, Sudan. The incumbent’s function is viewed to be one of the key functions supporting the design, implementation and monitoring of the information security structure at the bank. In this capacity, the IT Security Officer reports directly to the Chief, IT Department. It further supports the banks IT strategic direction by proactively considering security threats and initiatives. To this end, the role requires an enthusiastic and passionate professional with a keen interest and ability to keep abreast of developments in information and communications technology.
Requirements: Qualification and Skill
- Developing and implementing Information security policies, procedures and standards according to internationally approve quality standards.
- Keeping well informed about the threats facing ICT in general and in what relates to the preventive measures and tools recommended to address the environment.
- Providing support to the IT Division in formulating and implementing security programs. This includes proposing policies and providing configuration management for security-relevant information system software, hardware, and firmware.
- Providing technical security guidance with value added, based on relevant industry standards and organizational policies.
- Developing the Body of Evidence to support the assessment and authorization of information systems.
- Using vulnerability assessment tools to develop and interpret risk assessment reports.
- Identifying the security categorization of information systems and documenting relevant security controls.
- Performing regular system inspections, tests, conducts media reviews and comprehensive investigations of computer security incidents.
- Coordinating with other organizations and vendors for expertise as needed.
- Participate in the development of the disaster recovery and business continuity plan to ensure service is continuous in the event of a disaster/risk.
- Supervising data encryption and confidentiality of information exchange within the network between the bank's HQ and other sites.
- Performing IT security risk assessments and reporting on ways to minimise threats.
- Conducting employee security awareness training as well as championing and educating the organisation about the latest security strategies and technologies.
- Reporting the Information Security status to the department manager.
- Bachelor Degree in Information Technology, Computer Science, MIS or other related business specialization from a reputable university is a must (Master preferred).
- Certifications in CISSP, CAP, Security+, or related
- Must have at least 6 years of working experience in relevant IT security position, with a good portfolio of relevant professional and technical skills.
- Excellent verbal and written communication skills in English and Arabic. Knowledge other working languages is an added advantage (French)
- Suitably qualified candidates from all African and Arabic nationalities are encouraged to apply.
- Understanding of system vulnerabilities and exploitation.
- Understanding of vulnerability mitigation.
- DOD 8570 compliance (CISSP, Security +, etc.)
- Enhanced knowledge in Risk Management and mitigation.
- Knowledgeable in cyber threats and attacks.
- Solid awareness of best practices, security standards and governing controls.
- Skillful in analysing technical problems from various perspectives.
- Proven skills in diagnosing and troubleshooting security related problems.
- Understand architecture, administration, and management of various operating systems and IT networks.
- Knowledge in configuring network devices especially routers, switches, firewalls and other traffic filters as per industry standards and promoted guidelines.
- Appropriate skills in managing and reporting security incidents.
- Must have strong analytical skills that enable understanding computer systems, identifying potential weaknesses, and designing and implementing possible solutions.
- Skills in Network and Systems monitoring and Administration.
- Proven skills and experience in ethical hacking of systems and networks.
- Extensive knowledge in laws, regulations and compliance requirements.
- Ability to follow analytical approach when hunting for IT security holes
- Ability to assess possible vulnerabilities and to fill the gaps
- Perform assessments to vulnerabilities and execute penetration tests
- Ability to demonstrate and forensically exhibit how IT networks are attacked.
- Readiness and ability to train and educate users at various levels on the importance of cyber security and means of protection.
- Ability to anticipate and expect potential cyber-attacks and to take advance measures to increase security arrangements and precautions to nullify such attacks.
- Ability to work within a team in a demanding environment.
- Must be able to articulate risk mitigations and answer technical security enquiries in a professional manner.
Please apply directly, by clicking on the ‘apply button’ and visit www.caglobalint.com for the latest CA Global jobs.
Senior Recruitment Consultant
CA Global Finance
Should you not receive a response in two weeks, please consider your application unsuccessful. Your CV will be kept on our database for any other suitable positions.