Role Purpose
The Cyber Security Specialist will be responsible for strengthening the bank’s IT risk posture by ensuring that all systems, processes, and controls operate securely and in line with regulatory requirements. This role focuses on proactive risk management, compliance with enterprise-wide frameworks, and safeguarding critical information assets against evolving cyber threats.
Key Responsibilities
Risk & Compliance Oversight (60%)
Cyber risk assessment: Evaluate exposures related to cybersecurity and align them with the bank’s defined risk appetite.
Regulatory monitoring: Track emerging risks, laws, and regulations to recommend timely actions.
Stakeholder collaboration: Work with teams across the bank to design and configure effective security controls.
Risk register management: Maintain and update registers of key risks, ensuring forward-looking identification and incident handling.
Policy implementation: Drive adoption of cyber and information risk management strategies, policies, and standards.
Information security: Safeguard the confidentiality, integrity, and availability of technology platforms.
Reporting: Prepare posture reports for submission to risk committees.
Vulnerability management: Identify, prioritize, and remediate vulnerabilities within agreed timelines.
Project security reviews: Ensure new initiatives undergo security assessments aligned with policies.
Testing coordination: Manage penetration tests, red team engagements, and audits with internal and external assessors.
Incident response: Collaborate with the incident response and forensics teams to contain and remediate threats.
Regulatory reporting: Report incidents to regulators in line with prudential guidelines.
Risk Measurement & Reporting (20%)
Establish parameters to measure cyber risk exposure.
Monitor adherence to policies and standards, driving remediation where needed.
Provide consistent, comprehensive risk reporting to senior leadership and stakeholders.
Awareness & Training (10%)
Lead cybersecurity awareness programs across the bank.
Develop customer-facing awareness circulars.
Deliver tailored awareness sessions for board members.
Threat Intelligence & Research (10%)
Research emerging cybercrime trends and share actionable intelligence.
Coordinate red team exercises and penetration testing for applications and infrastructure.
Risk & Control Objective
All activities must comply with regulatory requirements, enterprise-wide risk frameworks, and internal policies. The role requires proactive management of risks and incidents relevant to cybersecurity operations.
Skills & Competencies
Strong knowledge of Linux and Windows operating systems.
Expertise in network monitoring and traffic analysis.
Hands-on experience with vulnerability assessment and penetration testing.
Proficiency in risk assessment and incident response.
| Salary | Competitive |
| Type | Full-time |
| Location | Kenya |
| Category | IT & Cybersecurity |
| Posted | May 7, 2026 |