First Bank of Nigeria Limited (FirstBank) - We are recruiting to fill the position of a Vulnerability Management Analyst in Lagos.

Job Identification: 101

Job Objective(s)

• To identify security loopholes and vulnerabilities within the banks information systems

Duties & Responsibilities

• Conduct regular reviews of Banks network using manual/automated means to ensure that configurations meet best security practices
• Carry out periodic vulnerability assessments and penetration testing on Applications and Networks
• Drive situational awareness to all staff and other stakeholders based on risk identification
• Conduct payment card data discovery scans to ensure security of Card Holder data
• Conduct internal and external Penetration tests on the Bank’s information systems and make recommendations to critical findings
• Provide in-house information security consulting expertise to the Bank
• Assist in all security operations aimed at identifying cyber-attacks on the Bank
• Engage with vendors and third parties on the identification and remediation of vulnerabilities
• Provide periodic report on the status of vulnerabilities in the Bank
• review the security of critical systems (e.g., e-mail servers, Active Directory, applications databases etc.) and changes to sensitive security controls to ensure appropriate security balance and strength across the Bank.
• Provide insight on Security defense and hardening practices
• Research and keep up-to-date with hacking/defense techniques, exploits and countermeasures
• Analyze and evaluate vulnerabilities for exploitability and relevance.
• Engage with stakeholders on timelines for closure of vulnerabilities and advise on appropriateness
• Comply with the principles and policies in the information security hand book.

Job Requirements
Education:

• Minimum Education: First Degree in Computer Science / Engineering, Higher Degrees / Professional Certificates

Experience:

• Minimum experience – Working knowledge of PCI DSS
• Working knowledge of ISO 27001
• Knowledge of the Security tools such as Qualys, Burp Suite, etc
• Good Knowledge of Penetration testing tools.
• Good knowledge of MS Windows and Linux
• Good understanding of Best Practices Security architecture.
• Working knowledge of penetration testing.
• Good knowledge of network protocols including UDP/TCP/IP
• Professional-level knowledge of Access control lists, NAT, routing and switching
• Ability to review rule sets for firewalls
• Good knowledge of firewalls, IDS and IPS
• Good knowledge of network/application security and encryption models.

How to Apply
Interested and qualified candidates should apply on or before 1st February, 2021.