First Bank of Nigeria Limited (FirstBank) is Nigeria's largest financial services institution by total assets and gross earnings. With more than 10 million customer accounts, FirstBank has over 750 branches providing a comprehensive range of retail and corporate financial services. The Bank has international presence through its subsidiaries, FBN Bank (UK) Limited in London and Paris, FBNBank DRC, FBNBank Ghana, FBNBank Gambia, FBNBank Guinea, FBNBank Sierra-Leone and FBNBank Senegal, as well as its Representative Offices in Johannesburg, Beijing and Abu Dhabi.
We are recruiting to fill the position below:
Job Title: Team Lead, Information Assets Security
Job Identification: 85
Job Schedule: Full Time
- Perform technical assessments and review for internal and External (Service providers and third-party relationships) information security programs. Assess the maturity of FirstBank’s information security program and make recommendations for improvement.
Duties & Responsibilities
- Provides consultation on the aspects of threats, vulnerabilities, and compliance for solutions deployed within the environment.
- Accountable for the 3rd Party Vendor Cyber Risk Assessment Program
- Responsible for facilitating FirstBank’s response to 3rd Party Vendor Assessment Questionnaire.
- Lead the activities to effectively assess, measure and communicate cybersecurity risks related to business processes.
- Manages, provides leadership and guidance to less experienced cybersecurity leaders.
- Prioritizes and assigns the tasks to be completed by a group of cybersecurity leaders.
- Possesses the knowledge required to follow and adhere to compliance frameworks and other security requirements and standards that enable the organization to reduce risks and meet regulatory and statutory information security compliance.
- Identifies systemic security issues based on the analysis of vulnerability and configuration data.
- Implements security measures to resolve vulnerabilities, mitigate risks and recommend security changes to system or system components for third party service providers.
- Participates as a stakeholder in cross-functional teams to develop technology solutions.
- Collaborates with functional teams and/or stakeholders to identify and/or develop appropriate solution designs, proper implementation and any required mitigation strategies.
- Performs reviews and identifies security and other weaknesses in solutions that may introduce risks to the enterprise and business goal achievement.
- Provides cybersecurity recommendations to leadership based on existing, emerging and new cybersecurity threats and vulnerabilities, which introduce risk to the achievement of business goals and objectives through third party integrations.
- Advise best practices when integrating third party security controls into FirstBank system Review third party software engineering methodologies; system and security engineering principles; secure design and secure architecture,
- Inform and provide governance regarding system security controls that ensure and provide for the confidentiality, integrity, availability, authentication, and non-repudiation of system resources and the data they process and store during third party service providers integration into the Banks systems.
- Minimum Education: First Degree in Computer Science / Engineering, Higher Degrees/Professional Certificates
- Minimum experience -Ten (10) years relevant working experience and 3 year working experience at supervisory level
- Working knowledge of ISO 27001
- Knowledge of the Security tools such as Qualys, Burp Suite, etc
- Good Knowledge of Penetration testing tools.
- Good knowledge of MS Windows and Linux
- Good understanding of Best Practices Security architecture.
- Working knowledge of penetration testing.
- Good knowledge of network protocols including UDP/TCP/IP
- Professional level knowledge of Access control lists, NAT, routing and switching
- Ability to review rule sets for firewalls
- Good knowledge of firewalls, IDS and IPS
- Good knowledge of network/application security and encryption models.
Application Closing Date
1st February, 2021.