Job Description

To protect the Bank’s information assets, IT systems, and digital infrastructure from internal and external cyber threats by implementing, monitoring, and continuously improving cybersecurity measures, frameworks, and awareness programs.

Key Responsibilities and Job Dimensions

Key Responsibilities

Cybersecurity Monitoring and Incident Response

• Monitor and analyse system logs, security events, and alerts to detect, investigate, and respond to cybersecurity incidents in real time.
• Conduct root cause analysis and lead incident containment, eradication, and recovery activities.

Security Architecture and Risk Management

• Support the design and implementation of secure IT systems and network architectures.
• Conduct regular vulnerability assessments and penetration testing, recommending mitigation measures to address identified risks.
• Collaborate with internal teams to perform risk assessments of new technologies, systems, and third-party solutions.

Policy Implementation and Compliance

• Enforce information security policies, procedures, and controls in alignment with global standards (e.g., ISO/IEC 27001, NIST).
• Ensure compliance with data protection and privacy regulations across all jurisdictions where the Bank operates.

Security Awareness and Training

• Develop and deliver cybersecurity awareness campaigns, training sessions, and phishing simulations to staff.
• Promote a security-conscious culture throughout the organization.

Business Continuity and Disaster Recovery

• Participate in the development, testing, and maintenance of the Bank’s business continuity and disaster recovery plans.
• Ensure critical data is securely backed up and can be recovered efficiently in case of a breach or system failure.

Decision Making/ Job Influence

• Makes tactical decisions on cybersecurity controls, tools, and remediation actions.
• Influences IT governance by contributing to security strategy and enterprise risk management.

Working Conditions

• Office-based with availability for after-hours incident response.
• May occasionally travel for audits, training, or cross-border coordination.

Requirements

Academic Qualifications

• Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or a related field.

Professional Qualifications / Membership to professional bodies

• CISSP, CISM, CEH, CompTIA Security+, or equivalent industry certifications are required.
• Membership in a recognized cybersecurity or IT governance body (e.g., ISACA, ISC²) is an added advantage.

Previous relevant work experience required

• Minimum 5 years of hands-on experience in cybersecurity operations, ideally in banking, financial services, or a regulated environment.
• Experience with SIEM, firewalls, endpoint security, and vulnerability management platforms.

Functional Skills:

Behavioural Competencies/Attributes:

• Threat intelligence and incident handling
• Network security and cloud security tools
• Security assessments and penetration testing
• Regulatory compliance and IT risk management
• Scripting and automation (e.g., Python, PowerShell)
• High integrity and confidentiality
• Critical thinking and problem-solving
• Proactive and detail-oriented
• Communication and teamwork
• Resilience under pressure

• Monitor and analyse system logs, security events, and alerts to detect, investigate, and respond to cybersecurity incidents in real time.
• Conduct root cause analysis and lead incident containment, eradication, and recovery activities.
• Support the design and implementation of secure IT systems and network architectures.
• Conduct regular vulnerability assessments and penetration testing, recommending mitigation measures to address identified risks.
• Collaborate with internal teams to perform risk assessments of new technologies, systems, and third-party solutions.
• Enforce information security policies, procedures, and controls in alignment with global standards (e.g., ISO/IEC 27001, NIST).
• Ensure compliance with data protection and privacy regulations across all jurisdictions where the Bank operates.
• Develop and deliver cybersecurity awareness campaigns, training sessions, and phishing simulations to staff.
• Promote a security-conscious culture throughout the organization.
• Participate in the development, testing, and maintenance of the Bank’s business continuity and disaster recovery plans.
• Ensure critical data is securely backed up and can be recovered efficiently in case of a breach or system failure.
• Makes tactical decisions on cybersecurity controls, tools, and remediation actions.
• Influences IT governance by contributing to security strategy and enterprise risk management.

• Threat intelligence and incident handling
• Network security and cloud security tools
• Security assessments and penetration testing
• Regulatory compliance and IT risk management
• Scripting and automation (e.g., Python, PowerShell)
• High integrity and confidentiality
• Critical thinking and problem-solving
• Proactive and detail-oriented
• Communication and teamwork
• Resilience under pressure

• Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or a related field.
• CISSP, CISM, CEH, CompTIA Security+, or equivalent industry certifications are required.
• Membership in a recognized cybersecurity or IT governance body (e.g., ISACA, ISC²) is an added advantage.