The Central Bank of Barbados is seeking to fill a vacant post of Information Security Officer.
Job Summary
To assist in ensuring that the Bank’s security architecture is aligned to security policies and tactical operating processes, procedures and standards, to secure and protect the Bank’s information assets and computing infrastructure.
To assist with coordinating and/or supervising all ongoing activities that serve to provide appropriate access to and protect the Bank’s information assets and computing infrastructure in compliance with organisational policies and standards.
Key Duties and Responsibilities
The duties and responsibilities include, but will not be limited to:
- Co-ordinating with various vendors on the evaluation of security technologies
- Assisting with the coordination of information security incident response and reporting for events or exploited vulnerabilities including unauthorised system or network access, denial of service, inappropriate data access, data corruption and/or collection of private or confidential information
- Monitoring network usage to ensure compliance with security policies
- Monitoring computer networks for security issues, installing security measures and operating software to protect systems and information infrastructure, including firewalls and data encryption programs
- Collaborating with the System Administration team to perform network tests and resolving identified vulnerabilities to maintain a high-security standard
- Researching and staying up-to-date on information technology trends, security standards and enhancements and making recommendations to the Bank’s management
- Updating software with the latest security patches and ensuring the proper defences are present for each network resource
- Performing and supporting day-to-day IS security monitoring using security information and event management (SIEM), Data Loss Prevention (DLP), End-point solution, IDS/IPS, and other malware detection software
- Performing vulnerability and penetration tests, identifying and defending against threats, and developing disaster recovery plans
- Assisting with the development and update of IS policies, standards, guidelines and procedures in alignment with the Bank’s standards framework
- Creating network policies and authorisation roles and defending against unauthorised access, modifications, and destruction
- Maintaining an information security risk register and assisting with internal and external audits relating to information security
- Assisting with the creation, maintenance and delivery of cybersecurity awareness training for the Bank’s staff
- Developing Bank-wide best practices for IT security and providing advice and guidance to staff to generate information security consciousness and understanding in the use of security protocols
Education/Experience
A Master’s degree in Cybersecurity, Computer Science, Information Systems, or related field with a minimum of three (3) years’ experience in information security or related field
or
A Bachelor’s Degree in Cyber Security, Computer Science, Information Systems, or related field with a minimum of five (5) years’ experience in an information security or related field
Certifications from a related cybersecurity professional body, e.g. CISM, CISA, CISSP, experience in management, deployment and maintenance of security infrastructure and effectively managing vendors and working in cross functional teams will all be assets
The Candidate
The successful candidate must have:
- A strong understanding and knowledge of computer, network, and security systems
- Strong analytical, critical thinking, and problem-solving skills
- Sound knowledge of and experience with computer network penetration testing and techniques
- Sound understanding of firewalls, proxies, security information and event management (SIEM), antivirus, and intrusion detection and prevention system (IDPS) concepts
- Good understanding of patch management and the ability to deploy patches in a timely manner
- Proficiency with Windows OS
- Experience in installing security software and documenting security issues
- Ability to assess business risks and impact and enforce appropriate information security measures
- Proven problem-solving skills with ability to provide in-depth analysis of complex problems, manage risks and provide insight into decisions
- Proven ability to conduct training
- Strong oral and written communication skills
- Ability to work with a team and independently
- Good customer relations and interpersonal skills
- General knowledge of information security standards such as ISO 27001/2/17, NIST 800-53, or NIST cyber security framework
- Ability to ensure standards and parameters for any systems on the Bank’s network are correct and as close to correct as reasonably can be expected
- Demonstrated responsibility for their continuing development of skills, for knowledge and information management in the context of their work
Other Requirements
Required to work outside of normal working hours
Compensation
Salary and benefits, including Group Life Insurance, Group Medical Insurance and Pension will be in accordance with the Bank’s policy.
Deadline for Submission of Applications
Interested persons should submit their job application and curriculum vitae to the Director, Human Resources, Central Bank of Barbados by email at hrapplications@centralbank.org.bb, no later than February 4, 2023.
Please be advised that only suitable applications will be acknowledged.