Cyber Security Specialist

Company Details
Industry: Banking
Description: Absa Bank Limited (Absa) is a wholly owned subsidiary of Barclays Africa Group Limited. Absa offers personal and business banking, credit cards, corporate and investment banking, wealth and investment management as well as bancassurance. Barclays Africa Group Limited is 62.3% owned by Barclays Bank … Absa Bank Limited (Absa) is a wholly owned subsidiary of Barclays Africa Group Limited. Absa offers personal and business banking, credit cards, corporate and investment banking, wealth and investment management as well as bancassurance. Barclays Africa Group Limited is 62.3% owned by Barclays Bank PLC and is listed on the JSE Limited. The Group is one of Africa’s major financial services providers offering personal and business banking, credit cards, corporate and investment banking, wealth and investment management as well as bancassurance. The Group was formed through combining Absa Group Limited and Barclays’ African operations on 31 July 2013. Reflecting the enlarged group’s pan-African focus, the Group's name changed from Absa Group Limited, to Barclays Africa Group Limited on 2 August 2013. Registered head offices are in South Africa and the Group has majority stakes in banks in Botswana, Ghana,Kenya, Mauritius, Mozambique, Seychelles, South Africa, Tanzania (Barclays Bank Tanzania and National Bank of View more View less
Job Details
Job Type: Full Time
Workplace Type: On-site
Qualification: Diploma
Job Experience: Mandatory
Job Location: Nairobi County, Kenya
Closing Date: Undisclosed
Salary: Undisclosed
Other Pay: Benefits
Job Category: Telecommunications
Job Description

Job Summary

To provide specialist advice & support in the development & implementation of IT security service delivery processes, methods and techniques enabling secure management & control of IT access, in alignment with governance requirements.

Job Description

Cyber Security Specialist

Job Purpose:

  • To drive IT Risk compliance which ultimately ensures that all the Bank’s management data, processes, risks and controls are effectively operating. Ensure that all cybersecurity activities and duties are carried out in full compliance with regulatory requirements, Enterprise wide Risk Management Framework and internal Absa Policies and Standards. Understand and manage cyber security risks and risk events.

Key Accountabilities

Accountability – 60%

  • Assessing the risks and exposures related to cybersecurity and aligning to the Bank’s risk appetite.
  • Monitoring current and emerging risks and changes to laws and regulations for appropriate actions.
  • Collaborating with stakeholders charged with safeguarding the information assets at Absa to ensure appropriate control design and configurations.
  • Maintain comprehensive cyber risk registers: Key cybersecurity risks should be regularly identified and assessed. Risk identification should be forward looking and include the security incident handling.
  • Ensure implementation of the cyber and information risk management strategy including cyber risk policies and standards.
  • Safeguarding the confidentiality, integrity and availability of information asset and Technology platforms.
  • Prepare Cyber Security Posture reports for submission to the various risk committees.
  • Run the vulnerability management program to ensure vulnerabilities are identified, prioritized, and remediated on time.
  • Engage with stakeholders across the Absa Group to motivate and drive remediation of vulnerabilities and identified issues.
  • Engage with Project Management teams to ensure all new projects are security assessed and in line with the bank’s cyber security policies and standards.
  • Coordinate penetration test, red team and audit engagements with both internal and external assessment teams.
  • Respond to Cyber security incidents in coordination with the Group Incident Response and Forensics team.
  • Report Cyber security incidents to the regulator as specified in the prudential guidelines.

Accountability - 20%

  • Implement parameters to measure Cyber risks exposure.
  • Monitoring adherence to cyber risks policy & standards to drive remediation measures.
  • Reporting all cyber risks consistently and comprehensively to the senior leadership & relevant stakeholders to facilitate appropriate decisions.

Accountability- 10%

  • Coordinate Cybersecurity awareness activities across the bank from strategic, technical, and general sensitization.
  • Create Cybersecurity awareness circulars for customers.
  • Coordinate cybersecurity awareness for the Board members.

Accountability - 10%

  • Research on emerging cybercrime trends and gathering threats intelligence for onward sharing.
  • Coordinate red team exercises.
  • Coordinate penetration testing activities for new and existing applications and infrastructure.

Risk and Control objective

  • Ensure that all activities and duties are carried out in full compliance with regulatory requirements, Enterprise-Wide Risk Management Framework and internal Absa Policies and Policy Standards.
  • Understand and manage risks and risk events (incidents) relevant to the role.

Preferred Qualification

  • B-degree in (Computer Science / Information Technology) (NQF level no.)
  • CISSP / CISM / CEH or equivalent certification.

Preferred Experience

  • At least 5 years technical experience.

Knowledge and Skills

  • Proficiency with Linux and Windows operating systems
  • Network monitoring
  • Vulnerability Assessment and Penetration Testing
  • Risk Assessment
  • Incident Response
  • Data Analysis and Reporting
439 open positions on Semasocial right now · 7474 open positions in Nairobi County, Kenya · 57 posted in the last 7 days
CV Job Description Matcher See how well your CV matches this job and get tips to improve your chances AI Tool

This tool helps you see how closely your CV matches a job description. It also gives you simple suggestions on what to improve so you have a better chance of getting shortlisted.

Beware of Fraudsters!
Never pay anyone for job applications, interview tests, or job interviews. A genuine employer will never ask you for payment under any circumstances.
Disclaimer & TOS: We do not guarantee the authenticity of every single job posting and are not responsible for any fraudulent activity or misrepresentation by third parties. We are not involved in any stage of the interview or recruitment process and do not charge any fees from job seekers. For further details, please read the rest of the Terms of Service.