Applications Security Officer at CalBank

Full time @CalBank Ghana posted 3 weeks ago in Information Technology
  • Post Date : November 13, 2023
  • Apply Before : December 13, 2023
Email Job
  • Share:

Job Detail

  • Offered Salary 0
  • Career Level Manager
  • Experience 3 Years
  • Qualifications Degree Bachelor

Job Description

Job Title: Applications Security Officer

Location: Accra

Department: Information Security

Role Purpose

To handle all application security issues as a result of increased use of both internal and externally developed applications within the Bank and the rising threats to applications.

 

Duties and Responsibilities

1.    Cyber and Information Security Management Framework

–     Support the implementation and enforcement of secure design principles according to information security policies, standards, and patterns.

–     Support the deployment of application and database security baselines

–     Implement, test, and operate advanced software security techniques in compliance with the technical reference architecture.

–     Complement the Maintenance and update policies and technical documentation in relation to applications.

2.   Risk Assessment and Vulnerability Management

–     Complement the application security risk and vulnerability assessment on projects prior to project kick start.

–     Perform prospective merchant integration application security review for PCI DSS and track progress of remediations

3.   Application Development

–     Conduct web application security scans, analyze results for false positives, prioritize vulnerabilities, and research and propose remediation steps.

–     Implement API security

4.   Application Testing

–     Troubleshoot and debug application issues that arise Bank wide

–     Conduct awareness sessions on secure coding for software developers

–     Consult team members on secure coding practices

–     Develop a familiarity with new tools and best practices

–     Analyze application logs and audit trails for suspicious activities.

–     Perform proactive research to detect new attack vectors

5.   Security Architecture and Designing

–     Maintain the inventory architecture of all applications within the organization.

–     Work with security product vendors and service providers to evaluate security offerings, including product evaluations, proof of concept, and pilot installations.

–     Advocate for security requirements during all phases of the SDLC.

6.   Information Security Incident Management

–     Support incident response when a security event occurs.

–     Issue reports on assigned applications and system scans.

7.    Information Security Projects

–     Support the implementation of DevOps within the Bank.

–     Support application integrations in the PIM deployment project.

–     Support the implementation of automated platform for the secure software development process.

–     Participate in preparatory activities for the ISO27001 surveillance audit.

–     Participate and provide software security guidance in the SOC project

–     Participate in PCI DSS re-certification activities.

–     Participate in the Azure Information Protection (AIP) implementation project.

–     Support the social media security process (applications based on social media)

 

Qualification and Experience

·       Bachelor’s degree in Computer Science/Engineering, Information Technology, Electrical Eng., or a related field of study. A Master’s degree is an advantage.

·       Minimum professional certificate of CEH, CISM, CRISC or CISA.

·       Knowledge of information security standards such as ISO 27001, IS0 27035, and PCI-DSS.

·       Background in application development.

·       3+ years’ experience in application development.

·       Knowledge of information security standards/frameworks such as ISO 27001, OWASP, and CIS.

·       Industry certification on any systems or network infrastructure required e.g. MCITP/CCNA, etc.

 

Skills, Capabilities & Attributes

·       Knowledge of Information security and risk management frameworks/best practices.

·       Experience with Programming and implementation of technical controls.

·       Knowledge in IT Service Management (ITIL)

·       Knowledge of Cyber and Information Security standards such as NIST, ISO 27001, PCI-DSS, etc

·       Knowledge of network and security devices and platforms, including firewalls.

·       Good understanding of security solutions and how they fit together to address business risk

·       Working experience with performing security assessments and network vulnerability assessments

·       Basic knowledge of IT regulatory and compliance requirements

Other jobs you may like

 
Required 'Candidate' login to applying this job. Click here to logout And try again
 
 
Required 'Candidate' login for send message Click here to logout And try again
 
 

Apply for this Job

  • Drop a resume file or click to upload.
    To upload file size is (Max 5Mb) and allowed file types are (.doc, .docx, .pdf)
    or
    Upload Resume

  • By clicking checkbox, you agree to our Terms and Conditions and Privacy Policy

 

Answers

 

Job Alerts

 

Account Activation

Before you can login, you must activate your account with the code sent to your email address. If you did not receive this email, please check your junk/spam folder. Click here to resend the activation email. If you entered an incorrect email address, you will need to re-register with the correct email address.