First Bank of Nigeria Limited (FirstBank) is Nigeria’s largest financial services institution by total assets and gross earnings. With more than 10 million customer accounts, FirstBank has over 750 branches providing a comprehensive range of retail and corporate financial services. The Bank has international presence through its subsidiaries, FBN Bank (UK) Limited in London and Paris, FBNBank DRC, FBNBank Ghana, FBNBank Gambia, FBNBank Guinea, FBNBank Sierra-Leone and FBNBank Senegal, as well as its Representative Offices in Johannesburg, Beijing and Abu Dhabi.
We are recruiting to fill the vacant position below:
Job Title: Security Infrastructure Management Analyst
Ref No: 1900003D
Location: Lagos
Job: IT. OPS Job Family
Organization: Technology and Services
Schedule: Regular
Shift: Standard
Job Type: Full-time
Job Description
- Participate in planning & design of infrastructure security architecture
- Specify, allocate, and assign confidentiality, integrity, and availability requirements to development and acquisition organizations and assets
- Develop and maintain an enterprise security architecture
- Create and maintain schematics, architectural and topological diagrams of the entire security architecture and ensure a Change Management procedure is adhered in case of design changes.
- Ensure that security requirements are adequately addressed throughout the development and acquisition lifecycles for all assets
- Perform certification and accreditation prior to releasing new systems and software to production
- Serves as an internal information security consultant to the organization.
- Assists in the development and implementation of security policies and procedures.
- Initiates, facilitates and promotes activities to create information security awareness within the organization.
- Assists with performing information security risk assessments and serves as an internal expert for information security related issues.
- Helps reviews system-related security plans throughout the organization’s corporate information systems and applications.
- Monitors compliance with information security policies and procedures, referring problems to the appropriate department manager or business area.
- Maintains information security devices and solutions for the organization, such as Intrusion Detection Systems, e-Discovery, Hard Disk Encryption, and Vulnerability Scanners.
- Supports the security incident response process.
- Provides input in selection of system software and hardware, with emphasis on security and compliance requirements.
- Supports development of security deliverables for enhancements to production systems and new development.
- Monitors security queues for daily tickets in support with the organizations daily operations.
Qualifications
Education:
- Minimum Education: First Degree in computer science/Engineering, Higher Degrees
- At least three Relevant Professional Certifications as appropriate
Experience:
- Minimum experience – Ten (10) years relevant working experience and 3 year working experience at supervisory level
How to Apply
Interested and qualified candidates should:
Click here to apply online
Job Title: Incident Mgt. & Response Analyst
Ref No: 1900003B
Location: Lagos
Job: IT Tech, SEC & OPS
Organization: Technology and Services
Schedule: Regular
Shift: Standard
Job Type: Full-time
Job Description
- Provide support to identify and resolve security incidents and events.
- System-wide collaboration on various issues including incident response.
- Monitor security alert and threat resources for applicable security vulnerabilities.
- Participate and promote security awareness and training.
- Complete special projects as directed.
- Participate in the Information Security Incident Response process.
- Conduct advanced computer and network forensic investigations relating to various forms of malware, computer intrusion, data breaches, etc.
- Provide forensic analysis of network packet captures, DNS, proxy, Netflow, malware, host-based security and application logs, as well as logs from various types of security sensors
- Assist in identifying and remediating gaps as identified throughout the investigation
- Review log-based data, both in raw form and utilizing SIEM or aggregation tools
- Prepare reports by collecting, analyzing, and summarizing trends
- Establish timelines and patterns of activity based on multiple data sources.
Qualifications
Education:
- Minimum Education: First Degree in Computer Science/Engineering, Higher Degrees/Professional Certificates
Experience:
- Working knowledge of PCI DSS
- Working knowledge of ISO 27001
- Good understanding of Best Practices Security architecture.
- Knowledge of the Banking industry and banking Operations
- Knowledge of the Banking applications, services/products
- Knowledge of the Software development Lifecycle
- Knowledge of Physical Security
- Knowledge of risk assessment and risk treatment procedures
How to Apply
Interested and qualified candidates should:
Click here to apply online
Job Title: Head – Security Engineering & Assets Security Unit
Ref No: 1900003A
Location: Lagos
Organization: Technology and Services
Schedule: Regular
Job Type: Full-time
Description
- Security requirements: specify, allocate, and assign confidentiality, integrity, and availability requirements to development and acquisition organizations and assets
- Security architecture: Develop and maintain an enterprise security architecture
- Secure lifecycle: ensure that security requirements are adequately addressed throughout the development and acquisition lifecycles for all assets
- Certification and accreditation: perform certification and accreditation prior to releasing new systems and software to production
- Manages and assess the bank’s security measures, such as firewalls, anti-virus software and passwords, to identify any weak points that might make information systems vulnerable to attack.
- Coordinates and prioritize security coverage to ensure that strategically important data, such as commercial information or personal data, receives the highest levels of protection.
- Manages all activities that serve to provide appropriate access to protect the customers information and that of all security solutions.
- Perform gap analysis based on the understanding of current-state and target-state of the Information Security architectures.
- Coordinates the selection, design, justification, implementation and operation of information security controls and management strategies in accordance with regulations.
- Ensures that projects are compliant with the banks Information Security architecture framework and secure development standards.
- Coordinate and provide leadership and oversight of information assurance, setting high level strategic and policies to ensure stakeholder’s confidence, that risk to the integrity of information in storage and transit is managed pragmatically and in a cost-effective manner.
- Manage the overall Business Continuity Planning process and report results to the Information Security Management team.
- Coordinate the execution of vulnerability assessments processes, penetration tests and security audits.
- Coordinate the enforcement of Information Security standards and policies including the maintenance of security certifications e.g. the Payment Card Industry Data Security Solutions (PCIDSS).
- Coordinate regular security awareness workshops for all Information Security Operation’s employees to ensure consistently high levels of compliance with regulatory bodies.
- Create and maintain Information Security documents, comprising, policies, standards, baselines, guidelines and procedures.
- Establishes, plans, and administers the overall policies and goals for the information security operations department.
- Manage the deployment, monitoring, maintenance, development, upgrade, and support of all Information Security services.
- Develop standard operating procedures for Information Security best practices and service provision.
Qualifications
Education:
- Minimum Education: First Degree in Computer Science/Engineering, Higher Degrees
- At least three Relevant Professional Certifications as appropriate
Experience:
- Minimum experience – Ten (10) years relevant working experience and 5 years working experience at supervisory level.
How to Apply
Interested and qualified candidates should:
Click here to apply online
Job Title: Team Lead, Information Assets Security
Ref No: 1900003F
Location: Lagos
Organization: Technology and Services
Schedule: Regular
Job Type: Full-time
Description
- Develop and maintain inventories of information assets
- Define, implement, assess, and maintain controls necessary to protect information and vital assets including media and paper-based information assets in accordance with security requirements
- Develop and coordinate efforts aimed at the protection of enterprise information assets
- Develop integration solution and operational processes for the safeguard of classified data and information enterprise wide.
- Review existing policies, and coordinate efforts at automating such policies towards protection of information assets in the Bank.
- Provide support for the overall coordination of data protection and information leakage prevention across all platforms across the bank
- Establish and maintain excellent working relationships/partnerships with the cyber security and infrastructure support teams throughout the Information Technology organization, as well as business unit stakeholder SMEs to ensure coordinated efforts in the protection of information assets.
- Develop process and methodologies to enhance data loss prevention management across multiplicity of the banks applications and products.
- Benchmark against security and fraud management implementation against applicable industry and international standards, develop appropriate event triggers and red flags.
- Ensure the review of Information assets (data) creation, communication, transmission, storage and archiving processes and systems. Build guiding privacy policies and standards from these reviews and ensure appropriate control mechanisms are in place to safeguard information assets.
- Communicate and collaborate with Information security operations department analysts to optimize information assets protection and Data loss prevention efforts in the Bank
- Support products and services offered by the Bank to ensure balance between customer assets security and product and service experience.
Qualifications
Education:
- Minimum Education: First Degree in computer science/Engineering, Higher Degrees
- At least three Relevant Professional Certifications as appropriate
Experience:
- Minimum experience – Ten (10) years relevant working experience and 3 year working experience at supervisory level
How to Apply
Interested and qualified candidates should:
Click here to apply online
Job ref.: 1900003E
Location: Lagos
Job Type: Full-time
Schedule: Regular
Shift: Standard
Job Descriptions
- Oversee the management of Electronic Transaction monitoring for First Bank Group
- Direct or Implementation Incident Reporting methodology for the Electronic Transaction Management
- Direct or Implementation Incident Management methodology for the Security Operations Center.
- Oversee the Security Systems monitoring for the Security Operations Center
- Implement incidents analysis framework for capturing and development of lessons learnt in Security Operations Center.
- Research and deliver security briefings to support Unit staff awareness and business planning
- Oversee routine security reports and transactions threat Assessments and on occurrence Alerts
- Co-ordinate and supervise the daily management of the SOC fraud investigation center for the Bank and ongoing implementation of other rules across the First Bank group.
- Manage the Implementation of sound independent Technology control policies, practices and standards to mitigate all sources of Information Technology risks across all layers of Information systems around electronic transactions
- Coordinate and ensuring prevention and /or detection of IT operational frauds/lapses/business losses for the SOC/Bank
- Supervise the provision of quality assurance and effective User Acceptance testing (UAT) /change management process for the SOC/bank.
- Co-ordinate and oversee the analyses and development of processing logic and data extraction scripts in the implementation that relates
- Co-ordinate and manage the identification and resolution of SOC operational lapses, rejected events, system bugs and reconciliation issues Bank-wide.
- Supervise and organize the execution of preliminary review and approval of proposed changes to system parameters and critical tables before implementation bank-wide as it relates to SOC.
- Supervise the Implementation of sound logical access controls mechanisms such as segregation of duties or Role-based user managements on Major SOC application systems for the bank.
- Co-ordinate and manage the implementation / deployment of subsequent fraud rules. · · Supervise the resolution of audit issues and exceptions on IT operations, Infrastructure and Enterprise security teams bank-wide.
- Supervise implementation of fraud rules development/deployment for the group, across all platforms.
- Supervise research on new fraud dynamics in the industry
- Supervise the implementation of the Industry Fraud Desk for the Bank
- Co-ordinate the implementation of Industry Fraud Management solution deployed by NIBSS.
- Co-ordinate and oversee the Industry Fraud desk.
- Developing strategies for Prevention and /or detection of IT operational frauds/lapses/business losses across platforms.
- Ensure Critical Call-over /Exceptions reports are delivered to branches daily.
- To develop strategies for the Automation of Electronic Transaction management processes and procedures (including scripting, Anti-fraud rules and use of specialized tools) to enhance productivity and operational efficiency of the division.
- Developing and overseeing the Implementation of appropriate Role structures, review procedures and other transaction mechanisms to ensure fraud-free across various operating platforms.
- Implement Electronic Transaction Management based on representations around spate of fraud and cybercrime on customer electronic transactions across other Africa countries.
Qualifications
Education:
- Minimum Education: First degree in any of any Science/Numerate discipline, MBA will be an added advantage
Experience:
- Minimum experience – 11 years banking experience
How to Apply
Interested and qualified candidates should:
Click here to apply online
Job Title: Database Security Management Analyst
Job ID: 19000039
Location: Lagos
Description
- Coordinate the planning & design of enterprise database security architecture
- Coordinate program designed to ensure security of the banks database systems and information assets.
- Maintain systems to protect against unauthorized access, modification, or destruction Identifies, reports, and resolves security violations.
- Manage user’s access and permission control for various database and management systems.
- Coordinate the analyses, development & implementation process for improvement using security tools such as DAM. Assist with the implementation of classification and categorization schema of data.
- Support the full system engineering life-cycle including requirements analysis, design, development, testing and implementation, assessment, authorization and monitoring of the information systems such as Data Loss Protection and other database applications.
- Manage the monitoring of database audit logs, Access Control List, password, and security assessment reports access on databases.
- Conduct risk assessment and provides documentation regarding product deficiencies, change or software issues.
- Provide and develop technical topics, lessons learned and training sessions for First Bank end users
- Maintaining the access control and permission for all databases and monitor the access and use of databases for likely breaches and threats.
- Support the requirements analysis, design, development, testing, and implementation for the data / content management system
- Maintain user access and permission control for various data management systems.
- Perform desktop support and troubleshooting for the various Databases.
- Conduct risk assessment and provides documentation regarding database issues.
- Create standards in Database Security processes, procedures and audit requirements
- Conduct security tool selection, pilot and implementation
Requirements
- Minimum Education: First degree in Computer Science/Engineering, Systems Engineering or with strong Information Security component
- Database Security knowledge the following platforms – Oracle (8i, 9i, 10g, 11g), Informix (9, 10, 11), MS SQL Server (6.5, 7, 2000, 2005, 2008), DB2 (8, 9), Sybase (11, 15), Teradata. Certified IBM DB2 DBA, version 8.
- Minimum experience: 3 years banking experience
How to Apply
Interested and qualified candidates should:
Click here to apply online
Job Title: Infrastructure Monitoring Officer
Ref: 1900003C
Location: Lagos
Job: IT. OPS Job Family
Organization: Technology and Services
Schedule: Regular
Shift: Standard
Job Type: Full-time
Description/Requirements
- Communications skills (written and oral) and understanding of outbound /transferred call scripts including e-mail script.
- Evaluate and report alerts generated on the Intellinx investigation center.
- Ensure that alerts generated receive prompt response and proper placement.
- Resolve alerts generated on Intellinx investigation center and ensure proper reassignment where necessary or the closure of such alerts.
- Ensure all alerts generated within the shift window are resolve
- Ensure that all alerts/incidents generated are properly reviewed and close properly.
- Review close incidents
- Review the white/black list of users.
- Ensure alerts case management are properly documented.
- Answers inquiries by clarifying desired information, researching, locating, and providing information
- Resolves customer’s challenges by clarifying issues, researching and exploring answers and alternative solutions; escalating unresolved problems.
- Virtual interface with external customers through telephone engagement.
- Interactions with a lot of applications that holds customers information for investigations
- Extensive use of office productivity tools (Excel, word etc.)
- Computer appreciation skills with graphical knowledge
- Reasoning and analytical skills in customer problem resolution.
Qualifications
Education:
- Minimum Education: First Degree in any field.
Experience:
- Minimum experience: 2 years relevant experience
How to Apply
Interested and qualified candidates should:
Click here to apply online
Job Title: Threat Intelligence & Management Analyst
Ref: 1900003I
Location: Lagos
Job: IT. OPS Job Family
Organization: Technology and Services
Schedule: Regular
Shift: Standard
Job Type: Full-time
Description
- Assist to review the Banks products and services to ensure inherent security threats are mitigated
- Assist in driving security implementation in the design of new products, services and process in the Bank
- Assist to conduct regular reviews of databases and applications to identify threats and remediate accordingly
- Assist to review physical access control measures put in place in the Banks offices, buildings and environment bank-wide
- Conduct regular reviews of the Banks offices and other banks facilities to ensure that vulnerabilities and threats are identified and treated.
- Provide support as needed when a business disruption occurs.
- Identify opportunities to enhance detection systems and security controls to counter known threats.
- Monitor technology systems to identify, analyze, evaluate, treat, accept, and communicate security threats and risks
- Provide support during changes to existing systems and implementation of new systems
- Continuous monitoring of technology (e.g. network, systems, etc.) security to ensure compliance and optimal performance
- Assist with operational risk assessments and escalate key issues (where necessary)
- Contribute to the assessment of the effectiveness of security controls (in conjunction with internal control and other auditory bodies)
Qualifications
Education:
- Minimum Education: First Degree in Computer Science/Engineering, Higher Degrees/Professional Certificates
Experience:
- Working knowledge of PCI DSS
- Working knowledge of ISO 27001
- Good understanding of Best Practices Security architecture.
- Knowledge of the Banking industry and banking Operations
- Knowledge of the Banking applications, services/products
- Knowledge of the Software development Lifecycle
- Knowledge of Physical Security
- Knowledge of risk assessment and risk treatment procedures.
How to Apply
Interested and qualified candidates should:
Click here to apply online
Job Title: Unit Head, Information Security Program Management
Job ref.: 1900003J
Location: Lagos
Job Type: Full-time
Schedule: Regular
Shift: Standard
Job Descriptions
- Coordinate the development, implementation and maintenance of an information security program, process and plan for FirstBank.
- Manage the definition of information security roles and responsibilities
- Coordinate the resource allocation process for information security operations department ensuring that adequately trained, skilled resources are available to implement the information security program and plan.
- Lead cross-functional program teams in security remediation planning and execution of security programs by planning and tracking of tasks, schedules, resources and dependencies – facilitate & drive project meetings
- Raise accountability; escalate issues in a timely manner and create and maintain detailed Project Plans
- Champion & contribute to project management best practices and innovate & champion processes/methodologies at project level
- Manage the process of Identifying , managing , and maintaining the security work products, resources required to implement the information security program and plan
- Communicate and coordinate relationship with internal and external stakeholders including third party organizations, service providers, equipment manufacturers and other Strategic Business Units on Information Security initiatives and programs.
- Manage the Security budget of the department, allocate and manage funding for all information security activities
- Coordinate the measurement and monitoring of cost, schedule, and performance against the information security plan and set strategic objectives.
- Engage and coordinate relationship with relevant stakeholders from the security environment (internal and external)
- Review the status of the information security program with higher level managers
- Identify, review, assess, and enable business functions that impact information security.
- Work with other security departments to ensure that FirstBank is pursuing a coordinated strategic for the protection of its information assets.
- Coordinate enterprise projects, assign resources from ISOD and coordinate the implementation of Bank wide initiatives aimed at improving security across the Bank.
- Formulate framework, policies and enterprise projects and departmental projects that will ensure the ongoing security of the Bank.
- Manage project and provide status to Head, Information security Operations Department
- Establish and maintain excellent working relationships/partnerships with external partners.
- Manage relationship with security equipment manufacturers, vendors and consultants.
- Support products and services offered by the Bank to ensure balance between customer assets security and product and service experience.
- Perform secondary support for upgrades and apply patches and/or bug fixes
Qualifications
Minimum Education:
- First Degree in Computer Science/Engineering, Higher Degrees
- At least three relevant professional certifications as appropriate
Experience:
- Minimum experience – Ten (10) years relevant working experience and 3 year working experience at supervisory level
How to Apply
Interested and qualified candidates should:
Click here to apply online
Job Title: Vulnerability Mgt. Analyst
Ref No: 1900003K
Location: Lagos
Organization: Technology and Services
Schedule: Regular
Job Type: Full-time
Description
- Conduct regular reviews of Banks network using manual/automated means to ensure that configurations meet best security practices
- Carry out periodic vulnerability assessments and penetration testing on Applications and Networks
- Drive situational awareness to all staff and other stakeholders based on risk identification
- Conduct payment card data discovery scans to ensure security of Card Holder data
- Conduct internal and external Penetration tests on the Bank’s information systems and make recommendations to critical findings
- Provide in-house information security consulting expertise to the Bank
- Assist in all security operations aimed at identifying cyber-attacks on the Bank
- Engage with vendors and third parties on the identification and remediation of vulnerabilities
- Provide periodic report on the status of vulnerabilities in the Bank
- review the security of critical systems (e.g., e-mail servers, Active Directory, applications databases etc.) and changes to sensitive security controls to ensure appropriate security balance and strength across the Bank.
- Provide insight on Security defense and hardening practices
- Research and keep up-to-date with hacking/defense techniques, exploits and countermeasures
- Analyze and evaluate vulnerabilities for exploitability and relevance.
- Engage with stakeholders on timelines for closure of vulnerabilities and advise on appropriateness
Qualifications
Education:
- Minimum Education: First Degree in computer science/Engineering, Higher Degrees/Professional Certificates
Experience:
- Minimum experience – Working knowledge of PCI DSS
- Working knowledge of ISO 27001
- Knowledge of the Security tools such as Qualys, Burp Suite, etc
- Good Knowledge of Penetration testing tools.
- Good knowledge of MS Windows and Linux
- Good understanding of Best Practices Security architecture.
- Working knowledge of penetration testing.
- Good knowledge of network protocols including UDP/TCP/IP
- Professional level knowledge of Access control lists, NAT, routing and switching
How to Apply
Interested and qualified candidates should:
Click here to apply online
Leave a Reply