Jobs at First Bank of Nigeria Limited

Job Description

• Provide assurance on the effectiveness and efficiency of Information Systems Risk Management, Control and governance process within the bank and subsidiaries to achieve strategic and business  objectives
• Ensure that Information Systems and Cybersecurity risks are properly identified, measured, monitored and reported within the bank’s risk apetite

Duties and Responsibilities

• Participate in the Audit of the Bank’s:
  • Cyber Security Programs
  • Security configurations & Infrastructure and
  • Security Incident and Event Management
  • Security Standards and Frameworks
  • Interfaces, web services and APIs
  • Vulnerability Assessments, Penetration Testing and
  • Security Operations Centre
• Assists in the review of the Bank’s Firewalls, Core Switches, Routers, Intrusion Detection and Prevention Systems to ensure they are adequately configured to prevent intrusions into the bank’s networks
• Participates in the audit of Antivirus, patch management, SIEM and other emerging security solutions deployed by the Bank
• Participates in various audit engagements to ensure the audits are performed in line with Internal Audit Methodology and relevant professional standards
• Carries out special investigation into cyber security related breaches, system outages or attacks
• Follow-up on timely regularization of audit exceptions and assurance reviews
• Participates in Cybersecurity Operations projects
• Carries out other tasks that may be assigned from time to time
• Maintains the Security of all Information entrusted to the staff

Job Requirements
Education:

• First Degree preferably in Computer Science or related discipline
• Professional certification (CISA,  SCCP, CCSA, CRISC, CISSP, CEH, ISO 27032, ISO 22301 & ISO 27001, ISO 20000, COBIT 5, CCISO etc.)

Experience:

• Minimum experience - 1 year in IT and Audit/Control/Information Security/Information Risk Management and Project Management.

go to method of application »

Job Description

• Ensure IT Infrastructure standards, policies, guidelines and procedures are being implemented by IT management to enable availability of IT services to support the bank’s business objectives.
• Provide assurance over the effectiveness of controls on the bank’s technical infrastructure.

Duties and Responsibilities

• Participates in the periodic audit of the Bank’s Disaster Recovery Infrastructure to ensure its availability and adequacy when the main production facility becomes unavailable.
• Represents the Department in Information Technology related projects for quality assurance purposes and provide report to on progress and risk management.
• Audit of all IT Operations (EOD/BOD/EOM/EOQ/EOY, Enterprise Data Backup & Restore, Physical & Environmental Controls, SLA, Staff, training, etc.)
• Prepare timely, accurate and complete audit query and other audit work papers in line with the Internal Audit Methodology.
• Carry out assigned investigations of frauds connected to the use of channels and systems.
• Participates in the audit of the Bank’s Network and Telecommunications Infrastructure to ensure protection against a wide range of threats and vulnerabilities.
• Assists in the review of the Bank’s Firewalls, Core Switches, Routers, Intrusion Detection and Prevention Systems to ensure they are adequately configured to prevent intrusions into the bank’s networks.
• Executes audit of Messaging Infrastructure (Exchange clients and Servers) to ensure security and efficiency.
• Participates in the review of Virtualization Infrastructure to ensure security and availability of the virtualized layer.
• Participates in the audit of Antivirus, patch management and other emerging technologies as deployed by the Bank.
• Participates in Systems and Infrastructure projects
• Maintains the Security of all Information entrusted to the staff
• Carry out other tasks that may be assigned from time to time
• Maintains the Security of all Information entrusted to the staff

Job Requirements
Education:

• First Degree preferably in Computer Science or related discipline
• Professional certification (CISA, CRISC, ISO 27001, ISO 22301, ISO 20000 etc.)

Experience:

• Minimum experience - 1 year in IT and Audit/Control/Information Security/Information Risk Management and Project Management.