Advertising

Absa Group Recruitment 2023 – Application Portal

Absa Group Recruitment 2023/2024.  Absa Group invites interested applicants from suitably qualified candidates for Absa Group Recruitment 2023.

If you are a Ghanaian or you live in Ghana, this is an opportunity for you to get recruited. because Absa Group is currently Recruiting new workers.

Advertising

Available Positions Include:

1. Job Title: IT Security Engineer

Advertising

Job Description

Accountability: Policy Development and Enforcement (15%)

This multifaceted role encompasses not only the implementation of security measures but also the development, communication, and enforcement of security policies and standards. Your contributions will be instrumental in fostering a security-conscious environment, mitigating risks, and ensuring that the Bank’s IT systems, networks, and data remain secure and compliant with industry regulations and best practices.

Security Policy Development and Enforcement:

Advertising
  • Develop, review, and update security policies, standards, and procedures in alignment with the Bank’s policies and industry regulations, best practices, and organizational objectives.
  • Ensure policies reflect the Bank’s risk appetite and are tailored to address specific security challenges.
  • Regularly evaluate the effectiveness of security policies through feedback, incident analysis, and industry benchmarking, and make iterative improvements.

Policy Compliance and Auditing:

  • Monitor and enforce adherence to security policies and standards across the organization.
  • Conduct regular audits and assessments to identify policy violations and recommend corrective actions.

Policy Gap Analysis:

  • Regularly conduct gap analysis to identify areas where security policies need adjustment or enhancement to address new risks or technologies.
  • Policy Advocacy and Communication:
  • Act as an advocate for security policies, educating stakeholders about their importance and relevance to the organization’s security posture.
  • Engage with legal, compliance, and other relevant departments to ensure security policies align with broader organizational objectives.

Security Awareness Campaigns:

Advertising
  • Lead or contribute to security awareness campaigns, designing engaging content and activities to educate employees on policy changes and best practices.

Accountability: Stakeholder Management (15%)

  • Identify, analyse, and understand expectations from relevant stakeholders.
  • Effective management of stakeholders throughout the information security lifecycle.
  • Consultations with Accountable Executive / sponsor to report progress on IT security posture, escalate issues etc.
  • Communication with various businesses and other enablers to support IT security related activities when required.
  • Prepare and deliver presentations on security policies, incidents, and improvements to executive leadership.
  • Translate technical security concepts into business-friendly language for executives and non-technical stakeholders.
  • Facilitate change management processes when introducing new security policies or practices that impact established workflows.
  • Provide support to teams adapting to changes, addressing concerns, and ensuring smooth transitions.
  • Collaborate with external partners, vendors, industry groups, and regulatory bodies to align security practices and share insights on policy development and enforcement.
  • Tailor security policy communications and engagement strategies to cater to different audiences within the organization, ensuring effective understanding and adoption.
  • Address conflicts and disagreements related to security policies with a focus on finding common ground that balances security requirements and operational needs.
  • Seek feedback from stakeholders to improve security policies and address gaps that may arise from real-world application.
  • During security incidents or breaches, collaborate with communication teams to ensure accurate and transparent communication with stakeholders, maintaining trust and credibility.
Read Also:  Cocoa Research Co-operative Credit Union LTD Recruitment 2023

Accountability on all of the below (60%)

Vulnerability Assessment:

  • Conduct regular vulnerability assessments using automated scanning tools, manual testing, and other techniques to identify security weaknesses across the organization’s technology landscape.
  • Analyse and interpret vulnerability scan results to prioritize and address the vulnerabilities identified.
  • Stay updated with the latest threat landscape, emerging vulnerabilities, and attack vectors.

Patch Management:

  • Collaborate with system administrators, developers, and other stakeholders to plan and execute patch management strategies.
  • Research and test patches for compatibility and impact before deployment to ensure minimal disruption to systems and services.
  • Develop and maintain a comprehensive patching schedule, ensuring timely deployment of security updates.

Remediation Planning and Execution:

  • Evaluate the risk associated with identified vulnerabilities and work with relevant teams to develop effective remediation plans.
  • Provide clear guidance and recommendations to system owners and administrators on patching and mitigation strategies.
  • Monitor and track the progress of vulnerability remediation efforts, escalating critical issues as needed.

Incident Response:

  • Participate in incident response efforts by identifying vulnerabilities that may have contributed to security incidents and breaches.
  • Contribute to the development of incident response plans and processes that involve vulnerability management.

Documentation and Reporting:

  • Maintain accurate and up-to-date records of vulnerabilities, patches applied, and their outcomes.
  • Generate regular and ad hoc reports on vulnerability assessment findings, patching status, and overall security posture for management and relevant stakeholders.

Continuous Improvement:

  • Continuously evaluate and enhance vulnerability assessment and patching processes to adapt to changing threat landscapes and technology environments.
  • Provide insights and recommendations for security enhancements based on analysis of vulnerabilities and their potential impact.

Threat Intelligence Integration:

  • Stay informed about the latest threat intelligence, vulnerabilities, and exploits through reputable sources.
  • Incorporate threat intelligence into vulnerability assessments to identify vulnerabilities that are actively being targeted by cybercriminals.

Testing and Validation:

  • Collaborate with the testing team to ensure that patches are thoroughly tested in a controlled environment before being applied to production systems.
  • Develop and execute testing scenarios to verify the effectiveness of patches in addressing identified vulnerabilities.
Read Also:  Baker Hughes Recruitment 2023- Recruitment Portal

Coordination and Communication:

  • Serve as a liaison between different teams, including IT, development, and security, to ensure seamless coordination of patching efforts.
  • Communicate effectively with stakeholders about the urgency of patch deployment, potential risks, and necessary downtime.

Research and Analysis:

  • Conduct in-depth analysis of zero-day vulnerabilities and emerging threats to assess potential impact on the organization.
  • Collaborate with security researchers and external vendors to gather insights into vulnerabilities and available patches.
  • Stay current with emerging security threats, trends, and technologies. Share knowledge and insights with the team and the organization.

Automation and Scripting:

  • Develop and maintain scripts and automation tools to streamline vulnerability scanning, patch testing, and deployment processes.
  • Identify opportunities to automate routine tasks to improve efficiency and accuracy.

Configuration Management:

  • Collaborate with configuration management teams to ensure that systems and applications are built and deployed with security in mind.
  • Provide guidance on secure configuration settings to reduce the attack surface.

Training and Awareness:

  • Conduct training sessions or workshops for technical teams to enhance their understanding of vulnerabilities and the importance of timely patching.
  • Raise awareness among non-technical stakeholders about the impact of vulnerabilities and the organization’s efforts to address them.

Third-Party Risk Management:

  • Assess vulnerabilities in third-party applications and services that are used by the organization.
  • Collaborate with procurement and vendor management teams to ensure that vendors adhere to security requirements and provide timely patches.

Metrics and Reporting:

  • Develop and maintain key performance indicators (KPIs) to measure the effectiveness of vulnerability management and patching processes.
  • Generate executive-level reports that provide insights into the organization’s security posture and improvements over time.

Regulatory Compliance:

  • Ensure that vulnerability and patch management processes align with relevant regulatory frameworks and standards.
  • Participate in audits and compliance assessments related to vulnerability management.

Security Architecture Design:

  • Collaborate with IT architects to develop and implement robust security architectures for new and existing systems and applications.
  • Design security solutions that align with business requirements and industry best practices, encompassing technologies such as firewalls, intrusion detection systems, encryption, and authentication mechanisms.

Education And Experience Required

  • Bachelor’s or master’s degree in computer science, Information Technology, or a related field.
  • Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or CompTIA Security+.
  • Strong knowledge of network protocols, firewalls, intrusion detection/prevention systems, and security technologies.
  • Familiarity with operating systems (Windows, Linux), network architecture, and cloud security.
  • Excellent problem-solving skills and the ability to respond quickly to security incidents.
  • Strong communication skills to effectively collaborate with team members and stakeholders.
Read Also:  Dangote Cement Ghana Recruitment 2023 - Recruitment Portal

Knowledge & Skills: (Minimum of 3)

  • Experience of employing IT security management best practices and disciplines
  • Awareness of the Bank including systems, products, and services
  • Experience of managing activity across the whole of IT security lifecycle, using current technology, structured methods, and a quality process
  • Exposure to governance, control, and risk management
  • Proven ability to effectively work within teams at all levels.
  • Strong understanding of common security vulnerabilities, attack vectors, and mitigation strategies.
  • Proficiency in vulnerability scanning and assessment tools.
  • Experience with patch management processes and tools.
  • Solid understanding of network protocols, operating systems, and application architectures.
  • Strong analytical and problem-solving skills.
  • Effective communication skills to collaborate with technical and non-technical stakeholders.
  • Ability to work independently and as part of a team.
  • Knowledge of regulatory requirements and security standards (e.g., GDPR, ISO 27001, PCIDSS) is a plus.

Competencies: (Minimum of 3 competencies)

  • Management and leadership
  • Exceptional service and results orientation.
  • Superior analytical, evaluative, and problem-solving abilities.
  • Ability to work under pressure and time constraints.
  • Excellent self-organization and self-direction in performance of tasks, including time management skills.
  • Ability to set and manage priorities.
  • Maintaining up-to-date knowledge of technological advances is crucial.

Education

Higher Diplomas: Physical, Mathematical, Computer and Life Sciences (Required)

How to Apply

Submit your CV and Application on Company Website : Click Here

Closing Date : 15th September, 2023

IMPORTANT NOTICE:

  • The Absa Group DO NOT demand or accept gifts or gratification to offer employment.
  • Do not offer money to anyone before, during or after the recruitment exercise. Any candidate found doing either of these would be summarily disqualified and prosecuted.

CAUTION: Candidates who wants to Apply for this Recruitment should be very sensitive and careful, We hereby Advice that Candidates should visit the Recruitment PORTAL or WEBSITE and follow the Steps outlined for Application. DO NOT GIVE MONEY to any agent proving to get you Recruited Please take Note.

For more Questions and further Information pertaining to this recruitment get in touch with us on the Comment Space Below.

 

Few things to know before Apply for Absa Group Recruitment 2023

To apply for the Absa Group Recruitment Recruitment 2023. Below is what you need to know:

  • Make sure you confirm the deadline of any advertised position before submitting an application.
  • Make sure you meet all minimum Absa Group Recruitment Recruitment requirements and possess any required document before submitting an application.
  • Follow the details on each individual position to apply.
Advertising

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *