Engineer, IT Security Operations

First Capital Shared Services Ltd is looking to hire a skilled professional to join its IT Team as Engineer, IT Security Operations.

The Engineer, IT Security Operations will be responsible for maintaining and enhancing the First Capital Group’s operational security posture by monitoring, detecting, analyzing, and responding to security incidents. This role involves the maintenance and implementation of security controls and tools, ensuring compliance with the Group’s governance framework, regulatory requirements, and strategic objectives, and working closely with IT and business units to protect critical systems and data.

Key Responsibilities

• Coordinate daily IT security operations across all group entities.
• Monitor cloud security operations for hybrid or on-premises environment, ensuring consistent monitoring and protection.
• Maintain operational alignment with the IT Service Management framework and change management processes.
• Identify, triage, investigate and respond to security incidents in a timely manner.
• Coordinate incident response activities, including communication, escalation, and post-incident reviews.
• Maintain the Incident Response Plan (IRP) and coordinate simulation exercises.
• Stay ahead of emerging threats including AI-driven attacks, and ransomware.
• Provide timely reporting of incidents to management and regulators, as required.
• Perform vulnerability scans, review findings, and coordinate remediation with system owners.
• Ensure cloud-native services are included in patching and hardening efforts as applicable.
• Administer and optimize security tools (e.g., SIEM, endpoint protection, email security, DLP, etc.).
• Ensure security tools work smoothly with IT systems to allow unified monitoring and incident tracking.
• Work closely with the Infrastructure and Applications teams to ensure timely patching and hardening of systems, while also ensuring Group security standards are followed in IT and business projects.
• Participate in project reviews, risk assessments, and solution designs to integrate appropriate security controls early in the lifecycle (“security by design”).
• Ensure compliance with regulatory guidelines and standards.
• Support internal and external audits, penetration tests, and regulatory reviews.

Qualifications & Skills

• Minimum a Diploma or Degree, preferably in Information Technology, Computer Science or a closely related discipline.
• Minimum 5 years of work experience in IT or Cybersecurity field, with at least 3 years’ proven experience in a security operations or technical role, preferably in the banking or financial services sectors.
• Strong hands-on experience with security monitoring tools.
• Good understanding of incident response processes, and vulnerability management.
• Relevant certifications such as CISSP, CISM, CEH, CompTIA Security+, would constitute an added advantage.
• Good communication, interpersonal and collaboration skills, with the ability to work effectively across departments and countries.
• Strong analytical and problem-solving skills, combined with practical, hands-on operational experience.
• Strong team player who works well with colleagues and supports team objectives.