Cyber Security Officer (Finance Sector)

ARE YOU AN EXPERT IN CYBER SECURITY? WORKED IN THE FINANCE SECTOR? THEN THIS COULD BE YOUR NEXT CAREER MOVE!

Cyber Security Officer (Finance Sector)               

Overview: Our client is one of the longest established Financial Services organisations in Barbados. Due to on-going I.T Infrastructure investment, they are seeking a proven proffesional to join the technology team. 

Reporting to the Chief Technology officer, the Cyber Security Officer will assist in ensuring that the security architecture is aligned with security policies and tactical operating processes, procedures and standards, to secure and protect the information assets and computing infrastructure.

DUTIES & RESPONSIBILITIES

• Co-ordinating with various vendors on the evaluation of security technologies. 

• Assisting with the coordination of information security incident response and reporting for events or exploited vulnerabilities including unauthorized system or network access, denial of service, inappropriate data access, data corruption and/or collection of private or confidential information. 

• Monitoring network usage to ensure compliance with security policies. 

• Monitoring computer networks for security issues, installing security measures and operating software to protect systems and information infrastructure, including firewalls and data encryption programs.

• Collaborating with the System Administration team to perform network tests and resolving identified vulnerabilities to maintain a high-security standard.

• Researching and staying up-to-date on information technology trends, security standards and enhancements and making recommendations to the Bank’s management.

• Updating software with the latest security patches and ensuring the proper defenses are present for each network resource.

• Performing and supporting day-to-day IS security monitoring using security information and event. management (SIEM), Data Loss Prevention (DLP), End-point solution, IDS/IPS, and other malware detection software.

• Performing vulnerability and penetration tests, identifying, and defending against threats, and developing disaster recovery plans

• Assisting with the development and updating of Information Security (IS) policies, standards, guidelines and procedures in alignment with the Bank’s standards framework.

• Creating network policies and authorisation roles and defending against unauthorised access, modifications, and destruction

• Maintaining an information security risk register and assisting with internal and external audits relating to information security

• Assisting with the creation, maintenance and delivery of cyber security awareness training for the staff

• Developing company-wide best practices for Information Technology (IT) security and providing advice and guidance to staff to generate information security consciousness and understanding in the use of security protocols.

Desired Education & Experience:

• A bachelor’s degree in cyber security, Computer Science, Information Systems, or related field with a minimum of five (5) years’ experience in an information security or related field

• Certifications from a related cyber security professional body, e.g. CISM, CISA, CISSP, experience in management, deployment and maintenance of security infrastructure and effectively managing vendors and working in cross-functional teams will all be assets.

• Relevant work experience of monitoring compliance with regulatory requirements and engaging with regulatory bodies is required.

• Strong change and project management skills, including the ability to manage time well, prioritise effectively, and handle multiple deadlines.

• A strong understanding and knowledge of computer, network, and security systems.

• Strong analytical, critical thinking, and problem-solving skills.

• Sound knowledge of and experience with computer network penetration testing and techniques.

• Sound understanding of firewalls, proxies, security information and event. management (SIEM), antivirus, and intrusion detection and prevention system (IDPS) concepts.

• Good understanding of patch management and the ability to deploy patches in a timely manner.

• Proficient with Windows OS.

• Experienced in installing security software and documenting security issues.

• Ability to assess business risks and impact and enforce appropriate information security measures.

• Proven problem solver with ability to provide in-dept analysis of complex problems, manage risks and provide insight into decisions.

• Proven ability to conduct training.

• General knowledge of information security standards such as ISO 27001/2/17, NIST 800-53, or NIST cyber security framework,

• Ability to ensure standards and parameters for any systems on the Bank’s network are correct and as close to correct as reasonably can be expected.

• Demonstrates responsibility for continuing development of skills, for knowledge and information management in the context of work.