Security Engineer

Role (Overall Accountability) He is responsible for the following: • Administration, operations management, device monitoring, and technical support of the Security Systems of the bank pertaining to the Test and Development environment. • Assisting the security operations team in evaluating, testing, and implementing new security products, projects, and services. • Supporting IT Security Projects’ team members. The Security Systems referenced here comprise, but not limited to, the following system under the Test and Development environment: • Firewalls • Web Application Firewalls • Web Filtering • Unified Threat Management • DDOS Mitigation • Network & Firewall Compliance Tools • Network Monitoring • Intrusion Prevention Systems • Consolidated Endpoint Security, comprising: o Anti-Virus o Data Leak Prevention o Disk Encryption o Threat Prevention o Device Control o Endpoint Detection and Response o Adaptive Threat Prevention o Application Control o Change Control o File Integrity Monitoring • Multi Factor Authentication System • Database Activity Monitoring • File and Folder Encryption • Data Classification • Content Scanning Solution Official Information Technology Department IT Security Operations Job Description This Document is classified as Official Page 2 of 3 Principal Accountabilities • Installation, administration and monitoring of bank’s security systems, and other new technologies that will be implemented in the future. • Backup, patch, update, and upgrade the security systems of the bank, while adhering to the Change and Release Management procedures implemented in the bank. • Perform system health checks for all Security devices on periodic basis. • Ensure that a detailed impact analysis of any change request is carried out and viable and tested solution is recommended. • Review and update management and procedure documents to ensure that all changes in the processes and systems are adequately documented and up to date. • Manage AMC renewals for all IT security systems, devices and infrastructure. • Coordinate with the auditors (internal, external, and CBO) and assisting them in performing their duties while auditing the security systems. • Participate and lead new projects and initiatives related to IT security. • Monitor security systems’ capacity utilization and plan for enhancements proactively. • Monitor Internet usage and report exceptions. • Generate MIS reports for all security components. • Ensure availability of all security systems on 24*7 basis. • Supervise and ensure that all DR failover and failback tests are carried out successfully. • Coordinate with his superiors in resolving issues and complaints. • Coordinate with internal teams and external vendors to resolve issues and/or to implement system changes. • Ensure regular updates on progress are conveyed to superiors. • Ensure high quality deliverables and work products are provided and meet commitments for the schedule on satisfying the bank’s user needs. • Must build a strong sense of commitment among all his team members to meet the user satisfaction levels. • Ensure that appropriate corrective and preventive actions are undertaken and resolve problems as soon as they arise. Key Interaction Individual / Entity Purpose All users in the Bank For security administration and support. Official Information Technology Department IT Security Operations Job Description This Document is classified as Official Page 3 of 3 Personnel Specifications Must be a graduate in Computer Science, Information Systems or equivalent IT disciplines, with 4-6 years of experience in the IT Security discipline. The candidates should have strong technical background in the following areas: • Master’s Degree in Cyber Security is a plus. • Certifications in Cyber security/ IT Security / Risk - CISSP, CISM, CISA, GIAC, CEH, CRISC etc is a plus. • Must have good knowledge of Standards such as ISO 27001, ISO 27005, PCI-DSS, CoBIT etc. Product certification such as CCNP, PCNSE, is preferable. • Product trainings/certifications based on other technologies such as Juniper, RSA, Proxy and IPS devices is preferred. • Hands-on experience on installation, administration, trouble shooting and user support of security products such as firewall/VPN, IDS/IPS, proxy servers, content filtering SW etc. • LAN/WAN networking technologies, communication topologies and TCP/IP and other Network protocols, etc. • Intranet, Internet and other web technologies. • Windows/Unix/Linux operating systems and internetworked environments. • OS and DB hardening procedures (Windows/Unix/Linux and Oracle/SQL etc.) • Documentation MIS preparation and reporting. • Good communication and presentation skills with good command of spoken and written English. • Good interpersonal relations with pleasing personality. Signature of the staff Date Signature of the line manager Date *******

Job Type: Full-time

Pay: RO700.000 - RO1,400.000 per month