Summary:
Request a managed security resource to provide services related to IT/Cyber Security
Operations, comprising the segments below:
IT Information/Cyber Security team is responsible for the architecture, project,
operations, maintenance and support of the following security capability:
- Headquarters Information/Cyber Security infrastructure
- Regional Offices Information/Cyber Security infrastructure
- Remote connectivity network infrastructure
- Cloud IT Security infrastructure
- SWIFT infrastructure
- Solutions that support the overall IT/Cyber Security infrastructure include:
o Data Leakage Prevention technologies and solutions
o Security Incident and Event Management technologies and solutions
o Security Operations Centre Support, technologies and solutions
o End Point Detection and Response technologies and solutions
o Vulnerability Management technologies and solutions
o Security Awareness and Training platforms
o Identity and Management Solutions
o Privilege Access Management technologies
o Firewalls, IPS, Cloud Networking, Web Application Proxies
o Web Application Firewalls
o Mobile Application and Device Management technologies
o Threat Intelligence and Threat Hunting technologies and solutions
o Threat Modeling technologies and solutions
- IT/Cyber Security infrastructure used to support the business and internal applications.
- Drafting of IT Security Architectural designs, policies, guidelines, technical standards and
procedures
- Aligning the applied technologies with best practice reference security frameworks like
NIST CSF 2.0 and ISO 207001 and more
- Interfacing with Risk Management and Audit departments by providing the required
security control metrics
Skills:
FR1.Resource skills required Details
• Support in creation and operation of security guidelines and procedures for the client
• Testing, deploy and maintaining security tools as specified above.
• Conducting periodic vulnerability scans, create reports and follow-up remediations.
• Assist with the incident response activities and investigations and follow-up remediations.
• Must have a high-level of understanding of information security concepts and their
applications via relevant technology solutions.
• The ability to understand, research, test and deploy security related systems and applications. Work with the IT departments to secure IT Systems
• Knowledge of network equipment and architecture, and possibly the ability to install,
test and configure network infrastructure.
• Some experience in anti-malware software, intrusion detection, firewalls, and content filtering
• Knowledge of risk assessment Tools, technologies, and methods
• Experience in designing secure networks, systems and application architectures.
• Knowledge of Disaster Recovery and computer forensics technologies and methods
• Planning, researching, and developing security policies, guidelines and procedures.
• System administration, supporting multiple platforms and application.
• Experience with Microsoft technology Security Tools (Microsoft Purview, Defender, Intune etc.) will be an added advantage.
• Knowledge of malicious software
• End point security solutions, including file integrity monitoring and data loss prevention.
• Knowledge of certain Threat Hunting capabilities
• Cloud security particularly with AWS, Azure and AliCloud
• Knowledge of automating security testing tools
• Assist with educating and training NDB staff on information/cyber security best practises.
• Have knowledge and have some experience in AI technologies and large language models
• Knowledge of certain Security frameworks like NIST CSF 2.0, ISO27001, OWASP etc.
• CISSP certification will be an advantage or any other related security certification.
• At least 5 or more years of security experience
• Working time requirement – Monday to Friday (occasional Weekend work) 9h:00 –17:30