The Coordinator - IT Security is responsible to assist Senior Manager/Manager - IT Security to plan, implement, upgrade, and monitor security measures for the protection of computer networks and information.

The Coordinator - IT Security is responsible to assist Senior Manager/Manager - IT Security to plan, implement, upgrade, and monitor security measures for the protection of computer networks and information. To ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure. To respond to computer security breaches and viruses and engagement with relevant authortiy to stay compliant.

 RESPONSIBILITIES:

• Analyze IT requirements and provide objective advice on the use of IT security requirements.
• Design, analyze and implement efficient IT security systems.
• Implement and monitor IT Security systems and elaborate monitoring reports & Key Risk Indicators (KRIs) to measure effectiveness of security controls.
• Risk assess new business/IT projects and provide recommendations to mitigate identified Information Risk issues.
• Risk assess roll-out of new technologies, elaborate technical standards, processes, and monitoring reports.
• Monitor Cybersecurity Threat Landscape to keep abreast about new security technologies, attack techniques, security breaches and incidents.
• Elaborate Information Security Incident Response procedures to ensure coordinated and well-planned response to react in case of cyber-attacks and other security incidents.
• Perform appropriate investigations/forensics on security incidents to determine root cause and recommend corrective measures.
• To carry out technical vulnerability assessments of IT systems and processes, identifying potential vulnerabilities, to make recommendations to control any risks identified.
• Contribute in Security Awareness initiatives.
• Document computer security and emergency measures policies, procedures, and tests.
• Gather feedback from end users to continue to improve IT security systems.
• Consult with IT colleagues to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications and software as part of Privacy by Design and Default.
•  Coordinate the implementation of technical controls to support and enforce defined security policies.
•  Research, evaluate, design, test, recommend or plan the implementation of new or updated information security hardware or software, and analyze its impact on the existing environment; provide technical and managerial expertise for the administration of security tools.
•  Develop a strong working relationship with the IT infrastructure, IT support, IT applications & IT network teams to develop and implement controls and configurations aligned with security policies and legal, regulatory and audit requirements.
• Good knowledge in virtual space, block chain and digital currency security environment.
• Provide Information security communication, awareness and training to the staff in collaboration with Learning academy.
• Engage effectively with appropriate external networks and external professional bodies.
• Stay abreast of regulatory changes including cybersecurity developments and their impact on IT requirements, including relevant data privacy requirements.
• Continuously improve processes and implement tools for policy management.
• Engage in red team and blue team battle.
• Engage in cyber drill rehearsal operation.

PREREQUISITES:

• Degree in IT field with any core security module accepted by the bank.
• Post graduate qualification in Technology security.
• Minimum of 5 years of work experience in Banking or Finance industry inclusive of 2-3 years of experience in IT Security Risk Management or Technology Risk or any other accepted by the bank.
• Proven experience in an information security role including experience of developing Information Security policies and with strong AI background.
• Working knowledge of the Data Protection Act (Mauritius) and the incoming General Data Protection Regulations (GDPR).
• Excellent knowledge in NIST-800 framework, ISO-27001 and PCI-DSS control.
• Good understanding of system technology security testing (vulnerability scanning and penetration testing, network review and OWASP

 SKILLS:

• Excellent knowledge and understanding of information risk concepts and principles as a means of relating business needs to security protocols operate on an AI platform
• Excellent understanding of information security concepts, protocols, industry best practices and strategies.
• Excellent planning, time management, organizing and problem-solving skills
• Good working knowledge of regulations within the Financial sector
• Excellent working knowledge of threat intelligence feeder