Jobs

Ongoing recruitment at First Bank of Nigeria Limited 7th May 2019

May 8, 2019, 12:08 AM
ICT & Telecommunications
Oracle

First Bank of Nigeria Limited (FirstBank) is Nigeria's largest financial services institution by total assets and gross earnings. With more than 10 million customer accounts, FirstBank has over 750 branches providing a comprehensive range of retail and corporate financial services. The Bank has international presence through its subsidiaries, FBN Bank (UK) Limited in London and Paris, FBNBank DRC, FBNBank Ghana, FBNBank Gambia, FBNBank Guinea, FBNBank Sierra-Leone and FBNBank Senegal, as well as its Representative Offices in Johannesburg, Beijing and Abu Dhabi. We are recruiting to fill the vacant positions below: Job Title: Infrastructure Monitoring Officer Ref: 1900003C Location: Lagos Job: IT. OPS Job Family Organization: Technology and Services Schedule: Regular Shift: Standard Job Type: Full-time Description/Requirements

Communications skills (written and oral) and understanding of outbound /transferred call scripts including e-mail script.
Evaluate and report alerts generated on the Intellinx investigation center.
Ensure that alerts generated receive prompt response and proper placement.
Resolve alerts generated on Intellinx investigation center and ensure proper reassignment where necessary or the closure of such alerts.
Ensure all alerts generated within the shift window are resolve
Ensure that all alerts/incidents generated are properly reviewed and close properly.
Review close incidents
Review the white/black list of users.
Ensure alerts case management are properly documented.
Answers inquiries by clarifying desired information, researching, locating, and providing information
Resolves customer’s challenges by clarifying issues, researching and exploring answers and alternative solutions; escalating unresolved problems.
Virtual interface with external customers through telephone engagement.
Interactions with a lot of applications that holds customers information for investigations
Extensive use of office productivity tools (Excel, word etc.)
Computer appreciation skills with graphical knowledge
Reasoning and analytical skills in customer problem resolution.

Qualifications Education:

Minimum Education: First Degree in any field.

Experience:

Minimum experience: 2 years relevant experience

Job Title: Unit Head, Information Security Program Management Job ref.: 1900003J Location: Lagos Job Type: Full-time Schedule: Regular Shift: Standard Job Descriptions

Coordinate the development, implementation and maintenance of an information security program, process and plan for FirstBank.
Manage the definition of information security roles and responsibilities
Coordinate the resource allocation process for information security operations department ensuring that adequately trained, skilled resources are available to implement the information security program and plan.
Lead cross-functional program teams in security remediation planning and execution of security programs by planning and tracking of tasks, schedules, resources and dependencies - facilitate & drive project meetings
Raise accountability; escalate issues in a timely manner and create and maintain detailed Project Plans
Champion & contribute to project management best practices and innovate & champion processes/methodologies at project level
Manage the process of Identifying , managing , and maintaining the security work products, resources required to implement the information security program and plan
Communicate and coordinate relationship with internal and external stakeholders including third party organizations, service providers, equipment manufacturers and other Strategic Business Units on Information Security initiatives and programs.
Manage the Security budget of the department, allocate and manage funding for all information security activities
Coordinate the measurement and monitoring of cost, schedule, and performance against the information security plan and set strategic objectives.
Engage and coordinate relationship with relevant stakeholders from the security environment (internal and external)
Review the status of the information security program with higher level managers
Identify, review, assess, and enable business functions that impact information security.
Work with other security departments to ensure that FirstBank is pursuing a coordinated strategic for the protection of its information assets.
Coordinate enterprise projects, assign resources from ISOD and coordinate the implementation of Bank wide initiatives aimed at improving security across the Bank.
Formulate framework, policies and enterprise projects and departmental projects that will ensure the ongoing security of the Bank.
Manage project and provide status to Head, Information security Operations Department
Establish and maintain excellent working relationships/partnerships with external partners.
Manage relationship with security equipment manufacturers, vendors and consultants.
Support products and services offered by the Bank to ensure balance between customer assets security and product and service experience.
Perform secondary support for upgrades and apply patches and/or bug fixes

Qualifications Minimum Education:

First Degree in Computer Science/Engineering, Higher Degrees
At least three relevant professional certifications as appropriate

Experience:

Minimum experience - Ten (10) years relevant working experience and 3 year working experience at supervisory level

Job Title: Threat Intelligence & Management Analyst Ref: 1900003I Location: Lagos Job: IT. OPS Job Family Organization: Technology and Services Schedule: Regular Shift: Standard Job Type: Full-time Description

Assist to review the Banks products and services to ensure inherent security threats are mitigated
Assist in driving security implementation in the design of new products, services and process in the Bank
Assist to conduct regular reviews of databases and applications to identify threats and remediate accordingly
Assist to review physical access control measures put in place in the Banks offices, buildings and environment bank-wide
Conduct regular reviews of the Banks offices and other banks facilities to ensure that vulnerabilities and threats are identified and treated.
Provide support as needed when a business disruption occurs.
Identify opportunities to enhance detection systems and security controls to counter known threats.
Monitor technology systems to identify, analyze, evaluate, treat, accept, and communicate security threats and risks
Provide support during changes to existing systems and implementation of new systems
Continuous monitoring of technology (e.g. network, systems, etc.) security to ensure compliance and optimal performance
Assist with operational risk assessments and escalate key issues (where necessary)
Contribute to the assessment of the effectiveness of security controls (in conjunction with internal control and other auditory bodies)

Qualifications Education:

Minimum Education: First Degree in Computer Science/Engineering, Higher Degrees/Professional Certificates

Experience:

Working knowledge of PCI DSS
Working knowledge of ISO 27001
Good understanding of Best Practices Security architecture.
Knowledge of the Banking industry and banking Operations
Knowledge of the Banking applications, services/products
Knowledge of the Software development Lifecycle
Knowledge of Physical Security
Knowledge of risk assessment and risk treatment procedures

Job Title: Database Security Management Analyst Job ID: 19000039 Location: Lagos Description

Coordinate the planning & design of enterprise database security architecture
Coordinate program designed to ensure security of the banks database systems and information assets.
Maintain systems to protect against unauthorized access, modification, or destruction Identifies, reports, and resolves security violations.
Manage user’s access and permission control for various database and management systems.
Coordinate the analyses, development & implementation process for improvement using security tools such as DAM. Assist with the implementation of classification and categorization schema of data.
Support the full system engineering life-cycle including requirements analysis, design, development, testing and implementation, assessment, authorization and monitoring of the information systems such as Data Loss Protection and other database applications.
Manage the monitoring of database audit logs, Access Control List, password, and security assessment reports access on databases.
Conduct risk assessment and provides documentation regarding product deficiencies, change or software issues.
Provide and develop technical topics, lessons learned and training sessions for First Bank end users
Maintaining the access control and permission for all databases and monitor the access and use of databases for likely breaches and threats.
Support the requirements analysis, design, development, testing, and implementation for the data / content management system
Maintain user access and permission control for various data management systems.
Perform desktop support and troubleshooting for the various Databases.
Conduct risk assessment and provides documentation regarding database issues.
Create standards in Database Security processes, procedures and audit requirements
Conduct security tool selection, pilot and implementation

Requirements

Minimum Education: First degree in Computer Science/Engineering, Systems Engineering or with strong Information Security component
Database Security knowledge the following platforms - Oracle (8i, 9i, 10g, 11g), Informix (9, 10, 11), MS SQL Server (6.5, 7, 2000, 2005, 2008), DB2 (8, 9), Sybase (11, 15), Teradata. Certified IBM DB2 DBA, version 8.
Minimum experience: 3 years banking experience

Job Title: Team Lead, Electronic Transaction Monitoring Job ref.: 1900003E Location: Lagos Job Type: Full-time Schedule: Regular Shift: Standard Job Descriptions

Oversee the management of Electronic Transaction monitoring for First Bank Group
Direct or Implementation Incident Reporting methodology for the Electronic Transaction Management
Direct or Implementation Incident Management methodology for the Security Operations Center.
Oversee the Security Systems monitoring for the Security Operations Center
Implement incidents analysis framework for capturing and development of lessons learnt in Security Operations Center.
Research and deliver security briefings to support Unit staff awareness and business planning
Oversee routine security reports and transactions threat Assessments and on occurrence Alerts
Co-ordinate and supervise the daily management of the SOC fraud investigation center for the Bank and ongoing implementation of other rules across the First Bank group.
Manage the Implementation of sound independent Technology control policies, practices and standards to mitigate all sources of Information Technology risks across all layers of Information systems around electronic transactions
Coordinate and ensuring prevention and /or detection of IT operational frauds/lapses/business losses for the SOC/Bank
Supervise the provision of quality assurance and effective User Acceptance testing (UAT) /change management process for the SOC/bank.
Co-ordinate and oversee the analyses and development of processing logic and data extraction scripts in the implementation that relates
Co-ordinate and manage the identification and resolution of SOC operational lapses, rejected events, system bugs and reconciliation issues Bank-wide.
Supervise and organize the execution of preliminary review and approval of proposed changes to system parameters and critical tables before implementation bank-wide as it relates to SOC.
Supervise the Implementation of sound logical access controls mechanisms such as segregation of duties or Role-based user managements on Major SOC application systems for the bank.
Co-ordinate and manage the implementation / deployment of subsequent fraud rules. · · Supervise the resolution of audit issues and exceptions on IT operations, Infrastructure and Enterprise security teams bank-wide.
Supervise implementation of fraud rules development/deployment for the group, across all platforms.
Supervise research on new fraud dynamics in the industry
Supervise the implementation of the Industry Fraud Desk for the Bank
Co-ordinate the implementation of Industry Fraud Management solution deployed by NIBSS.
Co-ordinate and oversee the Industry Fraud desk.
Developing strategies for Prevention and /or detection of IT operational frauds/lapses/business losses across platforms.
Ensure Critical Call-over /Exceptions reports are delivered to branches daily.
To develop strategies for the Automation of Electronic Transaction management processes and procedures (including scripting, Anti-fraud rules and use of specialized tools) to enhance productivity and operational efficiency of the division.
Developing and overseeing the Implementation of appropriate Role structures, review procedures and other transaction mechanisms to ensure fraud-free across various operating platforms.
Implement Electronic Transaction Management based on representations around spate of fraud and cybercrime on customer electronic transactions across other Africa countries.

Qualifications Education:

Minimum Education: First degree in any of any Science/Numerate discipline, MBA will be an added advantage

Experience:

Minimum experience - 11 years banking experience

Job Title: Team Lead, Information Assets Security Ref No: 1900003F Location: Lagos Organization: Technology and Services Schedule: Regular Job Type: Full-time Description

Develop and maintain inventories of information assets
Define, implement, assess, and maintain controls necessary to protect information and vital assets including media and paper-based information assets in accordance with security requirements
Develop and coordinate efforts aimed at the protection of enterprise information assets
Develop integration solution and operational processes for the safeguard of classified data and information enterprise wide.
Review existing policies, and coordinate efforts at automating such policies towards protection of information assets in the Bank.
Provide support for the overall coordination of data protection and information leakage prevention across all platforms across the bank
Establish and maintain excellent working relationships/partnerships with the cyber security and infrastructure support teams throughout the Information Technology organization, as well as business unit stakeholder SMEs to ensure coordinated efforts in the protection of information assets.
Develop process and methodologies to enhance data loss prevention management across multiplicity of the banks applications and products.
Benchmark against security and fraud management implementation against applicable industry and international standards, develop appropriate event triggers and red flags.
Ensure the review of Information assets (data) creation, communication, transmission, storage and archiving processes and systems. Build guiding privacy policies and standards from these reviews and ensure appropriate control mechanisms are in place to safeguard information assets.
Communicate and collaborate with Information security operations department analysts to optimize information assets protection and Data loss prevention efforts in the Bank
Support products and services offered by the Bank to ensure balance between customer assets security and product and service experience.

Qualifications Education:

Minimum Education: First Degree in computer science/Engineering, Higher Degrees
At least three Relevant Professional Certifications as appropriate

Experience:

Minimum experience - Ten (10) years relevant working experience and 3 year working experience at supervisory level

Job Title: Team Lead, Situational Awareness/Operational Environment Standardization Ref No: 1900003G Location: Lagos Organization: Technology and Services Schedule: Regular Shift: Standard Job Type: Full-time Job Description

Provide users at all levels and in all operational environments access to and use of the information they need
Protecting and maintaining the integrity, quality, and availability of information.
Provide timely and complete Situational Awareness information
Provide clear, well integrated and enforceable operational policies
Define standard data and information suitable to support the required level of situation awareness
Defining, implementing, and enforcing the acceptable use policy
Proper assessment of the current operations occurring within the Banks network and infrastructure
Assess potential breakdowns, weak areas or vulnerabilities that can be exploited to maximum effect in crippling the banks system and communicate contingency preparedness and readiness status to management.
Monitoring of unusual events or occurrences within the Cybersecurity network.
Implement processes and solutions to ensure the banks flexibility to approach possible threats and mitigate them before they can be successful.
Determine information security events monitored should be escalated to incidents and follow all applicable incident response and reporting processes and procedures.
Responsible for tuning and filtering of events and information, creating custom views and content using all available tools following an approved methodology and with approval and concurrence from management.
Notify the banks and other stakeholders of significant changes in the security threat against the Customer networks in a timely manner and in writing via established reporting methods.
Coordinate with appropriate organizations regarding possible security incidents. Conduct intra-office research to evaluate events as necessary, maintain the current list of coordination points of contact.
Produce reports identifying significant or suspicious security events to appropriate parties. Include latest security threat information and tie back to specific intrusion sets of nation state actors when possible.
Review and evaluate network modifications and recommend security monitoring policy updates.
Establish procedures for handling each security event detected.

Qualifications Education:

Minimum Education: First Degree in computer science/Engineering

Experience:

Minimum experience - 10 year working knowledge in Information Technology/Information Security.
Higher Degrees/Professional Certificates
Working knowledge of PCI DSS
Working knowledge of ISO 27001
Information Security Standards, security architecture and practices.
Good knowledge of network security and encryption models

Job Title: Team Lead, Threat Intelligence & Management Job ID: 1900003H Location: Lagos Description

Develop and implement Threat Intelligence strategy and security plan for the mitigation of security risks and the protection of data.
Lead threat and Intelligence processes to identify, analyze, qualify, quantify, treat, accept, communicate and monitor risks related to information technology.
Lead threat Intelligence team throughout the development and implementation of projects to ensure business, legal, and technical needs, threats and opportunities are identified and managed.
Establishing and supporting the direct connection between threats, vulnerabilities, compliance, risks, actions, and consequences.
Ensures appropriate short-term and long-term measures are taken to remedy problems and react to anticipated needs.
Assist to review the Banks products and services to ensure inherent security threats are mitigated.
Establish technical and operational structures to ensure the correct implementation of security.
Conduct internal network "hunting" activities, examining assets for malware, advanced persistent threats (APTs), hidden anomalies, and other indicators of compromise.
Proactively manages technical and application portfolio availability and performance with emphasis on threats and compromise.
Review defined levels of tolerance and risk exposure with a focus on mitigating them.
Manage vulnerabilities and threat events in case of any failure or incident in the Organization
Provide guidance and support during changes to existing systems and implementation of new systems
Work with Process and Methods to define KPIs for evaluating effectiveness of threat management measures and controls
Identify solutions for threat and intelligence, as well as determine and coordinate improvements.
Manage threats with respect to development and implementation of IT Disaster Recovery Plan.
Ensure that threat incidents are properly managed; as well as follow-up on solutions to prevent recurrence
Promote a culture of adherence to security policies and practices
Assess the effectiveness of security controls (in conjunction with internal control and other auditory bodies)
Assist to review physical access control measures put in place in the Banks offices, buildings and environment bank-wide
Communicate the results of threat analysis to management, explaining the impact on IT and the business
Provide leadership and technical guidance to reports

Qualifications Education:

First Degree in Computer Science/Engineering
Higher Degrees/Professional Certificates

Experience:

Working knowledge of PCI DSS
Working knowledge of ISO 27001
Good understanding of Best Practices Security architecture.
Knowledge of the Banking industry and banking Operations
Knowledge of the Banking applications, services/products
Knowledge of the Software development Lifecycle
Knowledge of Physical Security
Knowledge of risk assessment and risk treatment procedures

Job Title: Vulnerability Mgt. Analyst Ref No: 1900003K Location: Lagos Organization: Technology and Services Schedule: Regular Job Type: Full-time Description

Conduct regular reviews of Banks network using manual/automated means to ensure that configurations meet best security practices
Carry out periodic vulnerability assessments and penetration testing on Applications and Networks
Drive situational awareness to all staff and other stakeholders based on risk identification
Conduct payment card data discovery scans to ensure security of Card Holder data
Conduct internal and external Penetration tests on the Bank’s information systems and make recommendations to critical findings
Provide in-house information security consulting expertise to the Bank
Assist in all security operations aimed at identifying cyber-attacks on the Bank
Engage with vendors and third parties on the identification and remediation of vulnerabilities
Provide periodic report on the status of vulnerabilities in the Bank
review the security of critical systems (e.g., e-mail servers, Active Directory, applications databases etc.) and changes to sensitive security controls to ensure appropriate security balance and strength across the Bank.
Provide insight on Security defense and hardening practices
Research and keep up-to-date with hacking/defense techniques, exploits and countermeasures
Analyze and evaluate vulnerabilities for exploitability and relevance.
Engage with stakeholders on timelines for closure of vulnerabilities and advise on appropriateness

Qualifications Education:

Minimum Education: First Degree in computer science/Engineering, Higher Degrees/Professional Certificates

Experience:

Minimum experience – Working knowledge of PCI DSS
Working knowledge of ISO 27001
Knowledge of the Security tools such as Qualys, Burp Suite, etc
Good Knowledge of Penetration testing tools.
Good knowledge of MS Windows and Linux
Good understanding of Best Practices Security architecture.
Working knowledge of penetration testing.
Good knowledge of network protocols including UDP/TCP/IP
Professional level knowledge of Access control lists, NAT, routing and switching

Job Title: Incident Mgt. & Response Analyst Ref No: 1900003B Location: Lagos Job: IT Tech, SEC & OPS Organization: Technology and Services Schedule: Regular Shift: Standard Job Type: Full-time Job Description

Provide support to identify and resolve security incidents and events.
System-wide collaboration on various issues including incident response.
Monitor security alert and threat resources for applicable security vulnerabilities.
Participate and promote security awareness and training.
Complete special projects as directed.
Participate in the Information Security Incident Response process.
Conduct advanced computer and network forensic investigations relating to various forms of malware, computer intrusion, data breaches, etc.
Provide forensic analysis of network packet captures, DNS, proxy, Netflow, malware, host-based security and application logs, as well as logs from various types of security sensors
Assist in identifying and remediating gaps as identified throughout the investigation
Review log-based data, both in raw form and utilizing SIEM or aggregation tools
Prepare reports by collecting, analyzing, and summarizing trends
Establish timelines and patterns of activity based on multiple data sources.

Qualifications Education:

Minimum Education: First Degree in Computer Science/Engineering, Higher Degrees/Professional Certificates

Experience:

Working knowledge of PCI DSS
Working knowledge of ISO 27001
Good understanding of Best Practices Security architecture.
Knowledge of the Banking industry and banking Operations
Knowledge of the Banking applications, services/products
Knowledge of the Software development Lifecycle
Knowledge of Physical Security
Knowledge of risk assessment and risk treatment procedures

Job Title: Security Infrastructure Management Analyst Ref No: 1900003D Location: Lagos Job: IT. OPS Job Family Organization: Technology and Services Schedule: Regular Shift: Standard Job Type: Full-time Job Description

Participate in planning & design of infrastructure security architecture
Specify, allocate, and assign confidentiality, integrity, and availability requirements to development and acquisition organizations and assets
Develop and maintain an enterprise security architecture
Create and maintain schematics, architectural and topological diagrams of the entire security architecture and ensure a Change Management procedure is adhered in case of design changes.
Ensure that security requirements are adequately addressed throughout the development and acquisition lifecycles for all assets
Perform certification and accreditation prior to releasing new systems and software to production
Serves as an internal information security consultant to the organization.
Assists in the development and implementation of security policies and procedures.
Initiates, facilitates and promotes activities to create information security awareness within the organization.
Assists with performing information security risk assessments and serves as an internal expert for information security related issues.
Helps reviews system-related security plans throughout the organization's corporate information systems and applications.
Monitors compliance with information security policies and procedures, referring problems to the appropriate department manager or business area.
Maintains information security devices and solutions for the organization, such as Intrusion Detection Systems, e-Discovery, Hard Disk Encryption, and Vulnerability Scanners.
Supports the security incident response process.
Provides input in selection of system software and hardware, with emphasis on security and compliance requirements.
Supports development of security deliverables for enhancements to production systems and new development.
Monitors security queues for daily tickets in support with the organizations daily operations.

Qualifications Education:

Minimum Education: First Degree in computer science/Engineering, Higher Degrees
At least three Relevant Professional Certifications as appropriate

Experience:

Minimum experience - Ten (10) years relevant working experience and 3 year working experience at supervisory level

Job Title: Head - Security Engineering & Assets Security Unit Ref No: 1900003A Location: Lagos Organization: Technology and Services Schedule: Regular Job Type: Full-time Description

Security requirements: specify, allocate, and assign confidentiality, integrity, and availability requirements to development and acquisition organizations and assets
Security architecture: Develop and maintain an enterprise security architecture
Secure lifecycle: ensure that security requirements are adequately addressed throughout the development and acquisition lifecycles for all assets
Certification and accreditation: perform certification and accreditation prior to releasing new systems and software to production
Manages and assess the bank’s security measures, such as firewalls, anti-virus software and passwords, to identify any weak points that might make information systems vulnerable to attack.
Coordinates and prioritize security coverage to ensure that strategically important data, such as commercial information or personal data, receives the highest levels of protection.
Manages all activities that serve to provide appropriate access to protect the customers information and that of all security solutions.
Perform gap analysis based on the understanding of current-state and target-state of the Information Security architectures.
Coordinates the selection, design, justification, implementation and operation of information security controls and management strategies in accordance with regulations.
Ensures that projects are compliant with the banks Information Security architecture framework and secure development standards.
Coordinate and provide leadership and oversight of information assurance, setting high level strategic and policies to ensure stakeholder’s confidence, that risk to the integrity of information in storage and transit is managed pragmatically and in a cost-effective manner.
Manage the overall Business Continuity Planning process and report results to the Information Security Management team.
Coordinate the execution of vulnerability assessments processes, penetration tests and security audits.
Coordinate the enforcement of Information Security standards and policies including the maintenance of security certifications e.g. the Payment Card Industry Data Security Solutions (PCIDSS).
Coordinate regular security awareness workshops for all Information Security Operation’s employees to ensure consistently high levels of compliance with regulatory bodies.
Create and maintain Information Security documents, comprising, policies, standards, baselines, guidelines and procedures.
Establishes, plans, and administers the overall policies and goals for the information security operations department.
Manage the deployment, monitoring, maintenance, development, upgrade, and support of all Information Security services.
Develop standard operating procedures for Information Security best practices and service provision.