Career Opportunity: Information Security Officer

The Central Bank of Barbados is seeking to fill a vacant post of Information Security Officer in its Management Information Systems Department.

Job Summary

To assist in ensuring that the Bank’s security architecture is aligned to security policies and tactical operating processes, procedures and standards, to secure and protect the Bank’s information assets and computing infrastructure.

To assist with coordinating and/or supervising all ongoing activities that serve to provide appropriate access to and protect the Bank’s information assets and computing infrastructure in compliance with organisational policies and standards.

Key Duties and Responsibilities

The duties and responsibilities will include:

• Co-ordinating with various vendors on evaluation of security technologies.
• Assisting with the coordination of information security incident response and reporting for events or exploited vulnerabilities including unauthorized system or network access, denial of service, inappropriate data access, data corruption and/or collection of private or confidential information
• Monitoring network usage to ensure compliance with security policies
• Monitoring computer networks for security issues, installing security measures and operating software to protect systems and information infrastructure, including firewalls and data encryption programs
• Collaborating with the System Administration team to perform network tests and resolving identified vulnerabilities to maintain a high-security standard
• Researching and staying up-to-date on information technology trends, security standards and enhancements and making recommendations to the Bank’s management
• Updating software with the latest security patches and ensuring the proper defences are present for each network resource
• Performing and supporting day-to-day IS security monitoring using security information and event. management (SIEM), Data Loss Prevention (DLP), End-point solution, IDS/IPS, and other malware detection software.
• Performing vulnerability and penetration tests, identifying and defending against threats, and developing disaster recovery plans
• Assisting with the development and updating of Information Security (IS) policies, standards, guidelines and procedures in alignment with the Bank’s standards framework
• Creating network policies and authorisation roles and defending against unauthorised access, modifications, and destruction
• Maintaining an information security risk register and assisting with internal and external audits relating to information security
• Assisting with the creation, maintenance and delivery of cyber security awareness training for the Bank’s staff
• Developing Bank-wide best practices for Information Technology (IT) security and providing advice and guidance to staff to generate information security consciousness and understanding in the use of security protocols
• Any other related duties as assigned.

Education/Experience

• A Master’s degree in Cyber Security, Computer Science, Information Systems, or related field with a minimum of three (3) years’ experience in information security or related field

OR

• A Bachelor’s Degree in Cyber Security, Computer Science, Information Systems, or related field with a minimum of five (5) years’ experience in an information security or related field
• Certifications from a related cyber security professional body, e.g. CISM, CISA, CISSP, experience in management, deployment and maintenance of security infrastructure and effectively managing vendors and working in cross functional teams will all be assets

Core Competencies

• A strong understanding and knowledge of computer, network, and security systems
• Strong analytical, critical thinking, and problem-solving skills
• Sound knowledge of and experience with computer network penetration testing and techniques
• Sound understanding of firewalls, proxies, security information and event. management (SIEM), antivirus, and intrusion detection and prevention system (IDPS) concepts
• Good understanding of patch management and the ability to deploy patches in a timely manner
• Proficient with Windows OS
• Experienced in installing security software and documenting security issues
• Ability to assess business risks and impact and enforce appropriate information security measures
• Proven problem solver with ability to provide in-dept analysis of complex problems, manage risks and provide insight into decisions
• Proven ability to conduct training
• Strong oral and written communication skills
• Ability to work with a team and independently
• Good customer relations and interpersonal skills
• General knowledge of information security standards such as ISO 27001/2/17, NIST 800-53, or NIST cyber security framework
• Ability to ensure standards and parameters for any systems on the Bank’s network are correct and as close to correct as reasonably can be expected
• Demonstrates responsibility for continuing development of skills, for knowledge and information management in the context of work

Other Requirements

• Required to work outside of normal working hours

Deadline for Submission of Applications

Interested persons should submit their job application and curriculum vitae to the Director, Human Resources Department, Central Bank of Barbados, at email address hrinfo@centralbank.org.bb no later than October 4, 2021.