The Assistant Vice President oversees the implementation of security solutions and the daily operations of the Bank's security infrastructure, systems and data. This includes leading a team, managing incident response, ensuring compliance with governing regulations, monitoring KPIs and driving continuous improvement initiatives to enhance the Bank's security posture and mitigate threats effectively.
Responsibilities:
- Develop and implement IT security strategic plans, policies and procedures to ensure the security of the Bank's IT infrastructure, systems and data.
- Oversee security operations, including monitoring, logging, and analysis of security events and incidents, and coordinating responses to security alerts and threats.
- Lead and manage a team of IT security professionals in daily security operations and project implementation, including training and mentoring.
- Conduct risk assessments and vulnerability scanning to identify and prioritise security risks, and develop mitigation strategies to address them.
- Manage incident response, including investigation of security breaches and implementation of corrective actions to minimize the impact of incidents.
- Monitor key performance indicators (KPIs) and metrics to measure the effectiveness of security controls, and continuously implement improvement processes.
- Prepare write-ups/papers/presentation materials for management reporting on the status of IT security initiatives, key metrics, and emerging threats.
- Ensure compliance with regulatory requirements and industry standards, and implement robust security measures to protect the Bank's data and infrastructure assets.
- Assess and improve the Bank's security posture through proactive security measures, process enhancements and technology upgrades.
Requirements:
- A recognised Degree in Information Technology/Computer Science
- Minimum 10 years of experience in IT security roles, with a proven track record of implementing and managing security solutions in a complex IT environment
- Deep understanding of cybersecurity principles with hands-on experience with security tools, e.g. firewalls, intrusion prevention systems, anti-virus, web application firewall, SIEM, endpoint protection, and vulnerability assessment
- Strong analytical and problem-solving skills with the ability to assess complex security issues and recommend effective solutions
- Proven ability to lead and manage a team
- Good interpersonal and communication skills
- CompTIA Security+, Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), CREST / OSCP Certifications, or other specific security solutions certification will be an added advantage