First Bank of Nigeria Limited (FirstBank) is Nigeria's largest financial services institution by total assets and gross earnings. With more than 10 million customer accounts, FirstBank has over 750 branches providing a comprehensive range of retail and corporate financial services. The Bank has international presence through its subsidiaries, FBN Bank (UK) Limited in London and Paris, FBNBank DRC, FBNBank Ghana, FBNBank Gambia, FBNBank Guinea, FBNBank Sierra-Leone and FBNBank Senegal, as well as its Representative Offices in Johannesburg, Beijing and Abu Dhabi.
We are recruiting to fill the position below:
Job Title: Team Lead, Vulnerability Management
Job Identification: 87
Job Schedule: Full Time
- To design, own, oversee, and regulate the vulnerability management process in the Bank to ensure that current security issues within the environment are identified, evaluated using a risk management approach, and dealt with in a cost-effective and efficient manner.
Duties & Responsibilities
- Manage regular reviews of Banks network devices to ensure that configurations meet best security practices
- Manage vulnerability scanning of applications and information systems
- Manage payment card data discovery scans to ensure security of Card Holder data
- Conduct internal and external Penetration tests on the Bank’s information systems and make recommendations to critical findings
- Provide in-house information security consulting expertise to the Bank
- Manage continuous reviewing of technology (e.g. network, systems, etc.) security to ensure compliance and optimal performance
- Identify solutions for security compliance, as well as determine and coordinate improvements
- Manage the review of defined levels of tolerance and risk exposure with a focus on mitigating them
- Manage and control established security protocols in the event of any failure or incident in the Organization
- Lead technology risk management processes to identify, analyze, qualify, quantify, treat, accept, communicate and monitor risks related to information technology.
- Provide guidance and support during changes to existing systems and implementation of new systems
- Drive situational awareness to all staff and other stakeholders based on risk identification
- Assist in all security operations aimed at identifying cyber-attacks on the Bank
- Assist with development and implementation of enterprise security strategy and security
- Assist with review of defined levels of tolerance and risk exposure with a focus on mitigating them
- Promote a culture of adherence to security policies and practices
- Provide leadership and technical guidance to reports
- Comply with the principles and policies in the information security hand book
- Minimum Education: First Degree in Computer Science / Engineering, Higher Degrees / Professional Certificates
- Minimum experience – Working knowledge of PCI DSS
- Working knowledge of ISO 27001
- Knowledge of the Security tools such as Qualys, Burp Suite, Pix Alert
- Good understanding of Best Practices Security architecture.
- Good knowledge of network protocols including UDP/TCP/IP
- Professional level knowledge of Access control lists, NAT, routing and switching
- Ability to review rule sets for firewalls
- Good knowledge of firewalls, IDS and IPS
- Good knowledge of network security and encryption models.
Application Closing Date
1st February, 2021.