APS.62.25 - Senior IT Security Analyst

 Job Description

JOB TITLE

Senior IT Security Analyst

LEVEL/BAND

MM22

DEPARTMENT

Technology

DIRECT REPORT (JOB TITLE)

Senior IT Security and Networks Management Manager

Overall Purpose of the Position 

The IT Security Analyst is responsible for protecting all sensitive information within the Bank.  The Analyst is responsible for ensuring all networks have adequate security to prevent  unauthorized access and must develop reports to share with the management about the efficiency of security policies. Moreover, the Analyst is responsible to implement, support and monitor systems used for security controls, such systems are firewalls, routers, switches, IPS/IDS and endpoint security system.

The IT Security Analyst must also organize and conduct training for all employees regarding company security. Also, the Analyst is responsible to research, plan, design, and maintain the disaster recovery within the Bank and conduct periodic disaster recovery simulations and training for the IT department.

 Operational Responsibilities

•  To plan, design and implement IT security and network infrastructure. Such as; builds  firewalls, manages host security, file permissions, backup and disaster recovery plans, file system integrity, proxy servers, application firewalls, anti-virus, anti-malware, etc.;
• To supervise and manage technical support including; installation, configuration, upgrades, maintenance, as well as repairing and replacing standard security hardware, software, and peripherals in an effective and timely manner;
•  To plan and manage implementation of new software, hardware solutions and continuously upgrade and improve the way IT addresses the company business needs;
• To implement patches to IT security equipment by using a low-risk approach
•  To implement, design and management of firewalls, IPS /IDS and web filter;
• To implement, manage and administration of Security Information and Event Management, 
  SIEM system;
• To use network management systems and appropriate analysis equipment to collect routine load statistics, to produce network performance statistics, network diagnostic information and carry out site surveys;
• To provide direct training and oversight to all staff members or third parties, ensuring proper IT security clearance in accordance with the established Bank IT security policies, standards and procedures;
•  To assist in documentation and implementation of policies, standards and procedures related to IT security, and disaster recovery;
• To initiate, facilitate and promote activities to create IT security awareness within the Bank;
• To conduct periodic vulnerability and penetration tests of the IT assets of the Bank;
• To monitor compliance with the IT Security policies, standards and procedures, and reports infringements to the line management;
• To advise the Bank about IT security technologies and related regulatory and compliance issues;
• To identify foreseeable IT security and disaster recovery risks in order to comply with the Bank's policies, procedures and standards;
• To assist IT security incidents according to the IT Security Incident procedure.
• To implement and monitor the internal control systems to ensure that appropriate IT security levels are maintained within the IT infrastructure and systems.
•  To maintain and support the access network by investigating and resolving problems, performance monitoring, devising workarounds, correcting faults and making general or site-specific modifications.
• To maintain the Configuration Management Database for the IT security equipment in a  comprehensive, accurate and timely fashion.
• To be assist/coordinate in the design, implementation and testing of a disaster recovery for any new project undertaken by IT department.
• To carry out applied research on new IT Security and Communications technologies offered by the IT industry.
• To be part of the on-call support team according to a schedule.

General Responsibilities

• To submit any reports and/or participate in any projects and activities as may be directed by the Manager (IT Security and Communications) from time to time;
• To ensure compliance with Bank's policies, guidelines and underlying procedures at 
  all times;
• To sit on committees and attend meetings when required and as directed by the  Manager (IT Security and Communications) and to take minutes accordingly;
• To ensure a high quality/standard of work and service throughout;
• To perform standard office procedures including processing mail, answering phone calls, ordering supplies and filing;
•  To perform any other duties that may be assigned from time to time;
•  To attend training as requested by the Bank;

Qualifications, Skills & Competencies 

Mandatory

Skill

• Knowledge in IT technologies such as firewalls, network access control, IDS/IPS, operating systems (both Windows and Linux), IP Protocols, endpoint security and related system tools.
•  Ideally possess ITIL v3 skills;
• Excellent analytical, troubleshooting & interpersonal skills
• Good troubleshooting skills
• Possess good communication and report writing skills.
• Be a team player, reliable, and can work on his/her own initiative.

Experience

• Have at least two years' experience working within these technologies, particularly in Windows OS, Linux OS, Cisco, Checkpoint, Juniper, Forcepoint, Proofpoint, and LogRythm.

Qualification

• Preferably possess a degree/diploma in IT or Computer Science or in a related field

 Desirable

Skill

• Penetration and vulnerability testing,
• DLP, anti-virus and anti-malware,
• Windows and Linux operating systems,
• TCP/IP, computer networking, routing and switching,
• Network protocols and packet analysis tools,
• Disaster Recovery
• Familiarity and sound knowledge of ISO 27001 standards.

Experience

• -

Qualification

• Preferably has Industry specific certification such as CCNA Security and CISA.

Position level (1 being the highest level)

1. 
   
2. Head of Department
3. Managerial & Specialist Positions
4. Middle Management & Specialist Positions
5. Technical & Clerical Positions