Security Specialist – Protection & Access

The Protection & Access Security Specialist researchs, develops, implements, tests and review the organisation’s information security in order to protect information and prevent unauthorized access. The person in the role protects systems by defining access privileges, control structures, and resources.

1.Protects the company from unauthorised access to information and breaches by analysing vulnerabilities and threats with the view to implement, improve implementation and Administer controls such as Identity and Privilege Access Management and Data-Loss Prevention solutions that enforce the least privilege and need-to-know compartmentalisation;
2.Works closely with the SOC team to ensure integration of controls and with Cybersecurity team to ensure that core control systems are adequately protected. 
3.Plays a pivotal role in security architecture and works closely with applications, E-channels team and developers to ensure that access is authenticated and authorized correctly with the right number of factors while being integrated with directory services.
4.Assist the team in ensuring that we follow best practices with AAA and directory services.
5.Policy, standards and procedures creation and organisational acceptance.
6.Must have programming experience to be able to ensure secure systems development throughout the complete system life cycle.
7.Works with the Infrastructure team to ensure that Backup and DR are based on sound security principals that take business into account.
8.Consults with functional unit management and personnel to identify, define and document business needs and objectives, current operational procedures, problems, input and output requirements, and levels of systems access to ensure proper control of digital assets by creating standards, roles and lists and groups that enforce good security principals;
9.Researches, recommend and review new IT security systems and solutions to ensure the Bank uses modern solutions to address exposure to fast-changing global security risks and make recommendations to IT Management for medium to long term planning;
10.Identifies opportunities for improving business processes through information systems and non-system driver changes; assists in the preparation of proposals to develop new systems or operational changes; 
11.Creates and implementing security-related disaster recovery plans by conducting disaster recovery planning and testing on controls within the scope of the role, in case of a disruption to business operations ensuring that at least the same level of security exists during disasters and their aftermath and where not possible that business is aware of the risk and its potential impact;
12.Continuously make all staff in radar more aware of their responsibility in making the organisation more secure. Attention should be focused primarily on staff whose duties gives them privileged access or whose functions can make or break security and privacy;
13.Documents security systems technically and administratively;

Qualifications: 

•Bachelor’s Degree in Computer Science or Diploma in Information Systems with five years of Information Security experience in a Security Engineering role
•As many Security Industry related Certifications as possible, e.g. CISSP, CISA, CASP+, CEH, OSCP, any GIAC, any SANS. 
•Programming qualifications in relevant languages with emphasis on secure coding
•Product Specific Qualifications like Cisco Security Certs, CCSA/E, F5-CA/CTS/CSE, Fortinet NSE4-8 but some specifically in Privileged Identity Management, Identity Management and Access Control including MFA and SSO systems. DLP qualification.
•Proof of continuous learning

Background/Experience:
Technical: 
•Understanding and knowledge of control frameworks ISO 27002 and CIS 
•Information Security Engineering Experience
•Information Security Architecting Experience
•Solid Experience in the following a must:
oPrivileged Identity Management and control
oAD, AAA & Access control systems 
oPAM
oMulti-Factor Authentication systems
oSingle Signon 
oSAML & OAuth
oDLP
oBackup systems & DR
•Strong Administrative Experience on mentioned security tools 
•Development experience to work with developers 
•Technical writing including the creation of policies, standards, procedures & guidelines
•IT Security Audit fundamentals
•Sound IT Security systems concepts and principles 
•Complex modelling techniques 

Analytical: 
•Analytical and conceptual expertise
•Identity & Access Management
•Privileged Identity Management 
•DLP
•Forensic analysis
•Planning, documentation, analysis and business requirements management techniques 
•Object-oriented analysis 
•Evaluation of profitability/risk 
•Testing, verification and validation techniques 
•Creation of the Business Requirements Document
•Administrative and reporting abilities 

Business: 
•Knowledge of business processes within the context of Financial Services
•Improvement of business and engineering processes 
•Strategic planning 
•Case development
•Business writing 
Coaching: 
•Confidentiality, ethical behaviour, privacy & integrity
•Policies, procedures, standards and guidelines
•Secure coding practices
•IAM & PAM

Communication: 
•Ability to formulate concepts 
•Communication of technical information to a non-technical audience 
•Communication of business information to a technical audience 
•Negotiation Skills 
•Tactful