2 Job Vacancies NMB Bank Tanzania
Senior Manager; Security Operations
Job Purpose
To plan, organize, and effectively lead Cybersecurity Operations to detect and respond to any internal and external cybersecurity threats.
Main Responsibilities
- Review and implement security monitoring and incidents response strategy and roadmap for the bank.
- Drive cybersecurity monitoring and incident response initiatives within the bank to improve security monitoring capabilities.
- Establish real-time proactive monitoring and detection of security incidents and provide relevant notifications.
- Implement automated response to cybersecurity incidents by integrating and building various security tools.
- Overseeing the investigation of reported security breaches including fraud cases in collaboration with the bank’s fraud management unit.
- Develop and provide actionable dashboards that show clear visibility of security attacks to the bank.
- Provide “ownership” of security incidents and problems to the final resolution for all the servers, workstations, Virtual environments, Databases, Middleware, and Applications.
- Implement security governance by defining, developing, implementing, and maintaining required security policies, procedures, standards, and guidelines.
- Conduct research, evaluate, and make recommendations on security monitoring and incident response tools, services, protocols, standards, and associated best practices.
- Provide both management and technical security monitoring statistics and reports to aid in management decisions.
- Prepare and maintain security monitoring documentations including architectures, designs and governance documents.
- Communicate critical cybersecurity incidents to technology and business leaders.
- Oversee internal and external security assessment activities including vulnerability assessments and penetration tests.
- Championing cybersecurity awareness program to educate staff on cybersecurity threats and prevention measures.
- Responsible for team & vendor management for the Security Operations Center
Attributes
- Excellent knowledge of security monitoring technology landscape.
- In-depth knowledge of security of various operating system flavors such as Windows, Linux, and Unix.
- Knowledge of security of applications, databases, and middleware technologies.
- Knowledge of common information Security Management Frameworks/Standards such as ISO/IEC 27001, NIST CSF, and PCI.
- In-depth knowledge of security incidents response process.
- Demonstrated leadership and personnel management skills.
- Good interpersonal, written, and oral communication skills in English and Swahili.
- Demonstrable honesty, integrity, and credibility; ability to engender the trust and confidence of internal constituency and external partners.
- Ability to communicate complex security concepts in an easy to understand business language.
Qualifications and Experience
- At least a Bachelor’s degree in Computer Science, Engineering, or related academic field.
- Preferred professional certifications such as CEH, CISM, CISA, CISSP or any other relevant security certifications.
- At least 5 years of relevant work experience in Cybersecurity.
- Solid hands-on experience in enterprise security tools including security monitoring technologies such as SIEM and SOAR tools.
- Experience in detecting and triaging security events
NMB Bank Plc is committed to creating a diverse environment and is proud to be an equal opportunity employer.
Please be advised that if you are not contacted within 14 working days of the advert closing date then you have not been shortlisted.
“NMB Bank Plc does not charge any fee in connection with the application or recruitment process. Should you receive a solicitation for the payment of a fee, please disregard it”.
Deadline: 2020-08-14
2 Job Vacancies NMB Bank Tanzania
Main Responsibilities
- Drive the secure application development strategy and roadmap of the bank by ensuring applications are securely designed and developed.
- Implement application security governance by defining, developing, implementing, and maintaining required policies, procedures, standards, and guidelines.
- Provide ownership of security of all systems and applications developed and acquired by the bank.
- Establish security requirements and designs for all developed and acquired systems.
- Provide security assurance of all applications implemented by validating the implementation of security designs, conducting applications code reviews and security assessments to eliminate security vulnerabilities.
- Conduct periodic security assessments and review of implemented systems to ensure their continued compliance with security standards.
- Establish, maintain, and implement optimal security configurations of all servers OS, workstations OS, virtual environments, databases, middleware, and applications.
- Conduct research and make recommendations on systems security solutions, services, protocols, standards, and best practices in support of systems security continuous improvements.
- Maintain an inventory of security systems, hardware, and software used by the bank.
- Support continuous security monitoring efforts of all systems within the bank to detect and resolve security incidents and violations.
- Prepare and maintain systems security documentation including security architecture and designs of systems and applications.
- Implement security improvements by continuously assessing the implemented controls, evaluating security risks and anticipating requirements.
Attributes
- Knowledge of modern software development trends as well as in-depth understanding of software security practices.
- Knowledge of systems security standards and baselines in Operating Systems, Databases, middleware, and applications; Hands-on experience in implementing applications in a wide range of Operating Systems is mandatory.
- Hands-on experience in Application Security testing tools with SAST and DAST capabilities.
- Familiarity with security standards such as OWASP Testing Guide, OWASP ASVS, NIST, and Sans top 20.
- Ability to communicate complex security concepts in an easy to understand business language.
- Demonstrated leadership and personnel management skills.
- Good interpersonal, written, and oral communication skills in English and Swahili.
- Demonstrable honesty, integrity, and credibility; ability to engender the trust and confidence of internal constituency and external partners.
Qualifications and Experience
- At least a Bachelor’s degree in Computer Science or related academic field.
- Preferred professional certifications such as CEH, CISM, CISA, CISSP, or any other relevant security certifications.
- At least 5 years of relevant work experience.
- Solid Hands-on experience in Computer Programming in either Java, PHP, and Python is mandatory.
- Solid experience in implementing applications in various operating systems is mandatory.
NMB Bank Plc is committed to creating a diverse environment and is proud to be an equal opportunity employer.
Please be advised that if you are not contacted within 14 working days of the advert closing date then you have not been shortlisted.
“NMB Bank Plc does not charge any fee in connection with the application or recruitment process. Should you receive a solicitation for the payment of a fee, please disregard it”.
Deadline: 2020-08-14