Technology Governance Specialist Job at NMB Bank

RESPONSIBILITIES:

Develop, review, and update technology-related policies, procedures, and guidelines to reflect best practices and regulatory changes.
Coordinate and participate in internal and external technology audits and assessments.
Review and assess the security architecture of technology systems and propose improvements to enhance security posture.
Review and recommends secure design principles and configurations.
Perform penetration testing, vulnerability scanning, and security audits to uncover security gaps.
Collaborate with IT and cybersecurity teams to ensure controls are integrated into technology systems and processes.
Stay up to date with relevant laws, regulations, and industry standards related to technology and information security and ensure the organizations technology practices align with regulatory requirements (e.g., GDPR, Personal Data Collection Act, PCI DSS) and industry frameworks (e.g., NIST, ISO 27001).
Contribute to the development and maintenance of cybersecurity incident response plans and playbooks.
Foster a culture of security and compliance throughout the organization.
Collaborate with the training team to develop and deliver cybersecurity awareness programs for the bank.

Knowledge and Skills:

Excellent knowledge of security monitoring and testing technology landscape.
In-depth knowledge of security of various operating system flavors such as Windows, Linux, and Unix.
Knowledge of security of applications, databases, and middleware technologies.
Knowledge of common information security monitoring and testing frameworks and methodologies.
Proven experience in cybersecurity roles, including vulnerability assessment, penetration testing, or security auditing.
Strong planning and organizing.
Time management.
Ability to communicate clearly, pleasantly, and confidently with technology management stakeholders both orally and written.
Ability to work on own initiative and be self-driven, prioritizing work with minimum supervision and working to deliver.
Demonstrate strong analytical, problem-solving, coordination, and decision-making abilities.
Team player that motivates and educates other team members/change stakeholders.
Ability to interact with all levels of management, staff, and vendors.
Qualifications and Experience:
Degree in Computer Science or a related academic field.
Preferred professional certifications such as OSCP, CISSP, CISA, CRISC, CEH or any other relevant security certifications.
3 years of experience in cybersecurity and/or technology risk management.
Solid hands-on experience in enterprise security tools including security monitoring technologies.
Solid hands-on experience in VAPT.

METHOD OF APPLICATION

Submit your CV and Application on Company Website : Click Here

Application Deadline: 15th September 2023.