INFORMATION SECURITY SPECIALIST

Responsabilities:

• identifying and providing analysis of vulnerabilities of computer systems;
• proposing measures for minimizing the risks of cyber security incidents;
• identifying possible threats and vulnerabilities, implementing the appropriate procedure in order to neutralize the risks;
• investigate and do reports on security-related incidents;
• analyzing, testing and deploying security solutions from vendors;
• offering consultancy, on security matters, for other projects developed within the bank;
• supervising and investigating new cybersecurity threats.
• Excellent communicator, who can be assertive towards multiple stakeholders
• Team worker but also able to work independently
• Able to work in stressful situations
• Organized and who follows a “problem-solving” and “results-oriented” approach
• University degree (technical preferred);
• Strong IT background allowing deep understanding of the information technology and IT security area
• Over 5 years expertise in IT field

• 3 year expertise in IT/Information security.
• Network information security knowledge – average
• Risk awareness - Medium
• English language – Medium/Advanced
• Negotiation skills - Medium
• Certification in one of ISO 2700X / CEH / CISM / CISSP / Network Security (CCNA) or MCSE is an advantage 

Requirements & skills:

• understanding of server logs and data flows;
• knowledge of Pen-testing
• knowledge of internal security tools;
• Management and security incident response plan
• Knowledge in infrastructure, networks, database management, programming, security principles
• Conduct application and infrastructure security and vulnerability assessment
• Perform proactive research to identify and understand new threats, vulnerabilities and exploits
• Support IT department and business functions on setting up controls to proactively manage the information security related risks
• Internal contact for questions related to IT and Information Security
• Advice and support regarding Information Security requirements for IT Assets and processes
• Participate in the implementation of the security architecture, both in terms of infrastructure and applications.
• Investigate security incidents and define remediation plans accordingly
• Perform technical and organizational controls to assess the importance of risks;
• Define areas of improvement and propose solutions, formulate relevant recommendations;
• Ensure the follow-up of issued audit recommendations until risk coverage.
• Performs the management of the IT security Applications
• Performs updates to IT security Applications (new threats, scenarios, policies, settings, etc.)