Information Security - Specialist (Operations)

GSSTech Group

Sharjah

On-site

AED 120,000 - 200,000

Full time

Today

Job summary

A leading tech firm in the UAE is seeking an Information Security Specialist to manage security measures for the Bank's information assets. The role involves threat detection, incident response, and vulnerability management across technology domains. The candidate should hold a Bachelor's degree in Computer Science, 8-10 years of experience in Information Security, and relevant security certifications. This position offers the opportunity to work with cutting-edge security technologies.

Qualifications

  • 8-10 years of experience in Information Security or related field.
  • In-depth knowledge of information security and technology infrastructure.
  • Proficient in managing and optimizing security tools.

Responsibilities

  • Implement and manage security measures to protect information assets.
  • Oversee security technologies and ensure compliance with standards.
  • Develop and implement information security strategy.

Skills

Cloud Security policies enforcement
Incident response management
Risk assessment
Data Loss Prevention
Threat detection
API security
Kubernetes security management
Vulnerability assessment
Communication skills

Education

Bachelor's degree in Computer Science or related field
Security Certifications (SANS, ISC2, CEH, CISSP)

Tools

Security Information and Event Management (SIEM)
Endpoint Detection and Response (EDR)
CSPM tools

Job description

Job Purpose

The Information Security - Specialist will report directly to the Information Security Manager and will be responsible for implementing and managing security measures to protect the Bank's information assets. This role focuses on proactive threat detection, incident response, and vulnerability management across all technology domains, including endpoints and cloud environments. In collaboration with IS management, the Specialist will identify gaps in existing information security policies, standards, guidelines, and procedures, recommending updates to ensure alignment with regulatory requirements, industry best practices, and leading security standards.

Job Context / Dimensions

The IS Specialist will be responsible for overseeing security technologies like Cloud Security, DLP, Kubernetes, API security, SIEM and EDR, and ensuring compliance with standards and policies. Responsibilities include managing incident response, performing risk assessments, and optimizing security tools across cloud and network environments. The position requires collaboration with internal teams and external stakeholders to enhance security posture and mitigate threats.

Duties and Responsibilities

  • a) Assist in developing and implementing the information security strategy and roadmap across all security technology domains.
  • b) Research and analyze security standards, systems, and authentication protocols, providing recommendations to IS management.
  • c) Review architectural security designs and data flows, and offer recommendations for approval by IS management.
  • d) Enforce security policies and controls across cloud environments to ensure a secure infrastructure.
  • e) Manage and optimize CSPM tools to continuously monitor and enforce security best practices within cloud environments like Azure.
  • f) Lead cloud incident response efforts, investigating and addressing threats in real time to mitigate potential security risks.
  • g) Lead the ongoing management of DLP technologies to protect sensitive data from unauthorized access and leakage.
  • h) Regularly review and update DLP policies to reflect changes in business needs, technologies, and regulatory requirements.
  • i) Identify and assess security risks in APIs and Kubernetes by evaluating access control, misconfigurations, and vulnerabilities.
  • j) Enforce security policies and controls for APIs and Kubernetes.
  • k) Oversee the management, optimization, and tuning of the SIEM platform to ensure effective security incident monitoring.
  • l) Conduct deep-dive investigations into security alerts and collaborate with teams to resolve incidents efficiently.
  • m) Conduct regular security audits and reviews to ensure compliance with internal policies and industry standards.
  • n) Manage the deployment and operational effectiveness of EDR solutions to monitor, detect, and respond to endpoint threats.
  • o) Lead incident response for security breaches, including investigation, containment, eradication, and recovery.
  • p) Provide post-incident analysis, identify lessons learned, and improve future response strategies.
  • q) Monitor the bank’s networks for security breaches and investigate violations as they occur.
  • r) Advise IS management on emerging security trends and best practices, assist in updating security policies and procedures, and support departments in investigating breaches and pursuing disciplinary or legal actions as needed.
  • s) Contribute to team efforts by accomplishing related results as needed.
  • t) Perform other duties as may be assigned by IS management.

Independence of Operation

  • Work within the framework of the bank’s information security policies, standards, guidelines and procedures as applicable.
  • Work accomplishments will be reviewed by the Information Security Manager.

Requirements

  • Education Level Required: Bachelor's degree in Computer Science, Network / Cyber Security or related information technology field.
  • Professional / Technical Qualifications / Diplomas: Platform specific certifications (e.g., SIEM, Networking, Operating System).
  • Security Certifications: SANS / ISC2 / CEH / CISSP, etc.
  • Experience: 8 - 10 years’ experience in Information Security or related field.

Information Security – Specialist

  • In-depth knowledge and understanding in information security and technology infrastructure, ensuring robust protection of systems and applications.
  • Expertise in enforcing cloud security policies, IAM configurations, and data protection practices to ensure a secure infrastructure.
  • Proficient in managing and optimizing CSPM tools to continuously monitor and enforce security best practices.
  • Experienced in reviewing and enhancing security configurations and architectures to align with industry best practices and compliance requirements.
  • Proficient in managing API and Kubernetes security policies, including implementing posture management, access controls, encryption, and continuous monitoring to ensure a secure environment.
  • Skilled in conducting thorough vulnerability assessments and comprehensive risk analyses, prioritizing risks and implementing remediation strategies to secure systems.
  • Proficiency in configuring and managing DLP tools, data classification, policy enforcement, risk assessment, compliance knowledge, and integrating with security systems to prevent unauthorized data loss.
  • Skilled in configuring, optimizing, and managing Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), and Data Asset Management (DAM) platforms for real-time threat detection and effective incident response.
  • Committed to enhancing organizational security posture through ongoing monitoring, assessment, and optimization of security tools and processes.
  • Demonstrates innovative thinking by exploring alternative approaches and developing conceptual frameworks to address complex security challenges.
  • Possesses strong communication skills, capable of conveying complex security concepts to senior non-technical stakeholders in clear, jargon-free language.
  • Adept at managing multiple concurrent projects, effectively prioritizing tasks to meet organizational demands and deadlines.