Description

DFCU Bank is hiring a IT Security Specialist- Infrastructure responsible for securing the bank’s BT infrastructure security by implementing, monitoring, and managing security controls to protect networks, servers, endpoints, and other critical systems from threats and vulnerabilities.

Reporting to the Chief Information & Cybersecurity Officer

KEY ACCOUNTABILITIES:

• Design, implement, and manage firewalls, intrusion detection/prevention systems (IDS/IPS), and Virtual Private Networks (VPNs).
• Monitor network traffic for anomalies, unauthorized access, and malicious activities.
• Secure wireless networks and segment networks to minimize exposure.
• Deploy and manage endpoint protection solutions, including antivirus, endpoint detection and response (EDR), and patch management tools.
• Harden workstations, servers, and mobile devices to prevent unauthorized access or malware infections.
• Manage user authentication systems, such as Single Sign-On (SSO) and Multi-Factor Authentication (MFA).
• Implement least-privilege access and role-based access controls (RBAC) across infrastructure.
• Regularly audit user accounts and permissions.
• Secure cloud environments by configuring identity, storage, and network controls.
• Monitor cloud activity for unauthorized changes, access, or misconfigurations.
• Implement cloud security best practices for providers like AWS, Azure, or Google Cloud.
• Perform vulnerability scans and manage the remediation of identified risks.
• Work with the Business Technology team to apply patches, updates, and configuration changes to address known vulnerabilities.
• Respond to and investigate security incidents affecting infrastructure.
• Perform root cause analysis and document lessons learned.
• Develop and test disaster recovery and business continuity plans.
• Ensure infrastructure aligns with security policies, standards, and regulatory requirements (e.g., NIST, ISO 27001, GDPR).
• Create and maintain infrastructure security policies and documentation.
• Set up and manage Security Information and Event Management (SIEM) tools for real-time monitoring.
• Review logs from servers, firewalls, and other devices to identify threats.
• Work with BT and DT teams to implement secure configurations for routers, switches, and other infrastructure.
• Coordinate with third-party vendors to evaluate and improve infrastructure security.
• Stay updated on evolving infrastructure security threats, technologies, and best practices.
• Regularly assess the infrastructure security posture and recommend improvements.

KNOWLEDGE, SKILLS, AND EXPERIENCE REQUIRED:

• A minimum qualification of a bachelor’s degree in computer science, Information Technology, or a related numerical sciences degree.
• A master’s degree specializing in digital security is an added advantage
• Professional information and cyber security certifications in relevant technologies such as Cisco, Microsoft, Unix / Linux will be an added advantage.
• At least one information security certification e.g. CISSP, CISM, CEH, CCSP etc.
• At least 5 years’ experience in systems / network administration role or information and cyber security role.
• Work experience in the banking industry will be an added advantage.
• Experience and qualifications in Ethical Hacking
• Working Knowledge of systems architecture and systems development
• Knowledge and experience in Applications penetrations testing
• Skills and training in internet applications design and security
• Experience with Web Application Firewalls Proficiency in security technologies such as firewalls, intrusion detection systems, and encryption
• Knowledge and Experience in Cyber Defense techniques and technologies
• Experience in UNIX and Windows server administration is an added advantage.
• Technical skills in Unix and Windows and Python scripting skills.
• Demonstrate experience in writing technical reports and management reports for stakeholders is a must.
• Must possess above average problem-solving skills, organization skills, excellent and communication skills.
• Considered an out of the box thinker and displays a willingness to learn.
• Ability to maintain robust stakeholder engagements, a strong work ethic, and is a team player with the ability to work well independently.
• Experience with security frameworks and regulations such as PCI-DSS & ISO 27001.
• Ability to respond immediately to security incidents and provide post incident analysis.
• Ability to perform security systems testing both in-house and external systems before production deployment.
• Ability to educate employees on security best practices and promote a culture of security awareness.
• Advanced Business Architectural & IT Security skills
• Analytical Thinking & Inductive Reasoning
• Planning and Organization
• Strategic Perspective – Establish priorities, challenging goals and measurements consistent with these goals and organizational vision.
• Critical Judgement and Decision-Making – Define issues and focus on achieving workable solutions to obstacles.
• Good Communicator – Presents ideas effectively, clearly and concisely both orally and in writing.
• Leadership and Interpersonal Skills – Create a culture of continuous development and ownership with self and the team
• Inspire Commitment –Actions and behaviours are consistent with words.
• Self-Development – Pursues positive change in self and organization. Drives own personal development plan.

• Design, implement, and manage firewalls, intrusion detection/prevention systems (IDS/IPS), and Virtual Private Networks (VPNs).
• Monitor network traffic for anomalies, unauthorized access, and malicious activities.
• Secure wireless networks and segment networks to minimize exposure.
• Deploy and manage endpoint protection solutions, including antivirus, endpoint detection and response (EDR), and patch management tools.
• Harden workstations, servers, and mobile devices to prevent unauthorized access or malware infections.
• Manage user authentication systems, such as Single Sign-On (SSO) and Multi-Factor Authentication (MFA).
• Implement least-privilege access and role-based access controls (RBAC) across infrastructure.
• Regularly audit user accounts and permissions.
• Secure cloud environments by configuring identity, storage, and network controls.
• Monitor cloud activity for unauthorized changes, access, or misconfigurations.
• Implement cloud security best practices for providers like AWS, Azure, or Google Cloud.
• Perform vulnerability scans and manage the remediation of identified risks.
• Work with the Business Technology team to apply patches, updates, and configuration changes to address known vulnerabilities.
• Respond to and investigate security incidents affecting infrastructure.
• Perform root cause analysis and document lessons learned.
• Develop and test disaster recovery and business continuity plans.
• Ensure infrastructure aligns with security policies, standards, and regulatory requirements (e.g., NIST, ISO 27001, GDPR).
• Create and maintain infrastructure security policies and documentation.
• Set up and manage Security Information and Event Management (SIEM) tools for real-time monitoring.
• Review logs from servers, firewalls, and other devices to identify threats.
• Work with BT and DT teams to implement secure configurations for routers, switches, and other infrastructure.
• Coordinate with third-party vendors to evaluate and improve infrastructure security.
• Stay updated on evolving infrastructure security threats, technologies, and best practices.
• Regularly assess the infrastructure security posture and recommend improvements.

• Proficiency in security technologies such as firewalls, intrusion detection systems, and encryption
• Knowledge and Experience in Cyber Defense techniques and technologies
• Technical skills in Unix and Windows and Python scripting skills.
• Demonstrate experience in writing technical reports and management reports for stakeholders is a must.
• Must possess above average problem-solving skills, organization skills, excellent and communication skills.
• Considered an out of the box thinker and displays a willingness to learn.
• Ability to maintain robust stakeholder engagements, a strong work ethic, and is a team player with the ability to work well independently.
• Ability to respond immediately to security incidents and provide post incident analysis.
• Ability to perform security systems testing both in-house and external systems before production deployment.
• Ability to educate employees on security best practices and promote a culture of security awareness.
• Advanced Business Architectural & IT Security skills
• Analytical Thinking & Inductive Reasoning
• Planning and Organization
• Strategic Perspective – Establish priorities, challenging goals and measurements consistent with these goals and organizational vision.
• Critical Judgement and Decision-Making – Define issues and focus on achieving workable solutions to obstacles.
• Good Communicator – Presents ideas effectively, clearly and concisely both orally and in writing.
• Leadership and Interpersonal Skills – Create a culture of continuous development and ownership with self and the team
• Inspire Commitment –Actions and behaviours are consistent with words.
• Self-Development – Pursues positive change in self and organization. Drives own personal development plan.

• A minimum qualification of a bachelor’s degree in computer science, Information Technology, or a related numerical sciences degree.
• A master’s degree specializing in digital security is an added advantage
• Professional information and cyber security certifications in relevant technologies such as Cisco, Microsoft, Unix / Linux will be an added advantage.
• At least one information security certification e.g. CISSP, CISM, CEH, CCSP etc.
• Experience and qualifications in Ethical Hacking
• Working Knowledge of systems architecture and systems development
• Knowledge and experience in Applications penetrations testing
• Skills and training in internet applications design and security
• Experience with Web Application Firewalls
• Experience in UNIX and Windows server administration is an added advantage.
• Experience with security frameworks and regulations such as PCI-DSS & ISO 27001.