Information Security Specialist

Job description

Under general supervision, the Information Security Specialist performs technical tasks and monitoring activities in the area of information security to ensure compliance with bank policies. He or she prepares status reports for senior management, works on the development and improvement of security projects, and monitors the IT security infrastructure for the business units to identify, mitigate, and control risks.

Tasks and responsibilities

• Carry out IT security activities to ensure high-quality, cost-effective service for customers.
• In-depth knowledge of security tools such as log aggregators, firewalls, proxies, DLP, and others.
• Monitoring and controlling infrastructure data by implementing agreed-upon rules and standards within the business unit to mitigate and manage data security risks.
• Conducting risk and security analyses, penetration tests, and other security assessments to identify potential security risks and vulnerabilities and find solutions.
• Technical expertise in IT architecture, web applications, and networks.
• Assisting in the review of drafts, development, and specifications for new or revised processes, systems, information, documentation, and support materials.
• Supporting the timely and accurate delivery of security projects and initiatives within specifications and budget constraints.
• Responsibility for understanding and complying with all bank policies, procedures, and standards, as well as legal and regulatory requirements relevant to one’s position.
• Monitoring of user activities related to application and system security.
• Performing routine security administration and maintenance for all systems and banking applications.
• Reporting incidents in which users do not comply with bank policies and ensuring that the issues are resolved promptly.
• Help implement new and innovative processes or technologies to advance the information security program.
• Stay up to date on current and emerging technical developments in the field of information security.
• Maintaining the confidentiality of corporate information, including specified security measures and controls.
• Effective collaboration with IT, Audit, Internal Control, the headquarters, and other groups as needed.
• Technical knowledge of operating systems from an information security perspective.
• A basic understanding of the company's technology and IT systems.
• Planning, research, and design of security architectures.
• Test the final security system and update and upgrade it as needed.
• Quick and effective response to all security incidents and provision of follow-up analyses.
• Supervising and leading the security team, promoting security awareness.
• Stay up to date on the latest security systems, standards, authentication protocols, and products.