Summary
Date Posted: 15th March 2019 , Base Salary: Not Disclosed , Employment Type: Full_Time , Currency: UGX , Value: 2500000 , Minimum: 1750000 , Maximum: 7500000 , Period: MONTH

JOB DETAILS:
Equity Bank is one of the region’s leading banks whose purpose is to transform the lives and livelihoods of the people of Africa socially and economically by availing them modern, inclusive financial services that maximize their opportunities. With a strong footprint in Uganda, Kenya, Tanzania, Rwanda, Southern Sudan and DR Congo, Equity Bank is now home to more than 12 million customers, the largest customer base in the Eastern African Region. Currently the Bank is seeking additional talent to serve its customers in the role below:
Job Title: Information Security Engineer
Job Ref: IT/EQBUL 01/2019
Reports To: Information Technology Manager
Role Profile:
As an information security engineer in charge of Enterprise systems and infrastructure protection, your role will involve offering technical support that ensures that all Enterprise systems are fully tested and remediated against any know or unknown risks. This includes conducting systems architecture design, and overseeing secure implementation. Additionally, you will be required to ensure all the Bank’s
integrations both internally and externally are secure and Bank data is not exposed to any Risk.

Job Responsibilities/Accountabilities
• Recognize and safely utilize attacker tools, tactics, and procedures.
• Must have experience and proficiency with common tools such as Metasploit, Burp Suite, Cobalt Strike, among others.
• Ability to perform in-depth security assessments of the latest adversarial threat vectors and
• technologies to ensure the Bank remains aware and protected from adversarial attack.
• Ability to self-learn and maintain strong proficiency in technical tools, countermeasures, and
• techniques.
• Ability to examine vulnerabilities through the perspective of a threat actor and articulate risk in clear terms.
• Must be able to work effectively with cross department teams and independently with teams who have various skills and backgrounds.
• Ability to use scripting languages such as Python, Perl, etc.
• Supports and participates in incident response and technical investigations as needed.
• Ensures adherence to compliance regulations and policies. Works to develop and interpret security policies and procedures.
• investigate on any incidents detected and escalate to the responsible team, and ensure proper closure.
• Develop & manage Use Case and Content. Provide guidance for Use Case/Content development.
• Ensure secure deployment and integration of all Bank’s cloud solutions.
• Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring
• Perform threat management, threat modeling, identify threat vectors and develop use cases for security monitoring. V
• Offer leadership and guidance to peers and foster good working relationship among colleagues.
• Full participation in requirements, architecture, design, implementation of all systems to be deployed
• Ensure all Bank’s legacy systems are fully assessed and ensure they do not pose any risk to the Bank.
• Ensure implementation of minimum baseline standards.
• Malware prevention, analysis and investigation
• Mobile Device management protection and policy enforcement.
• Conduct security and risk assessment on the Bank’s processes, technology and people to ensure proper controls are put in place and enforced.
• Conduct periodic user management review and ensure compliance with relevant policies and
• procedures.
• Attend to other duties as may be designated by the supervisor.

Excellent planning skills.
• High personal standards and goal oriented.
• Deep knowledge of Bank’s infrastructure, networks and systems. Candidates’ Qualifications and Experience:
• A university degree in information Technology/ Computer Science.
• Masters in MIS, IT or related field will be of added advantage.
• An equivalent of [4] years’ experience in Information security field and at least 2 years handling
• security monitoring, incident response and threat management
• Technical operational skills on various security monitoring tools such as FIM, DAM, SIEM, WAF, etc.
• Proven ability to identify and analyses complex security risks and threats and plan for mitigation and response.
• Experienced in project management and running multiple security projects.
• In-depth technical knowledge of operating SIEM ArcSight.
• Be capable of translating business requirements into technical solutions..


Essential Knowledge
• Proficient in the use of vulnerability and penetration testing tools both commercial and open source.
• A keen eye to identify vulnerabilities and ensure A remediation is done.
• Ensure patching of all systems to the latest patch levels.
• In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
• Experience in threat management.
• Knowledge of various operating system flavors including but not limited to Windows, Linux, Unix.
• Excellent understanding of Bank's infrastructure, networks and systems.
• Knowledge of applications, databases, middleware to address security threats against the same.
• Proficient in preparation of reports, dashboards and documentation.
• Excellent communication and leadership skills. ¢ Experience in performing vendor management.
• Ability to handle high pressure situations with key stakeholders.
• Good Analytical skills, Problem solving and Interpersonal skills.
• Leadership. Key Critical Competencies
• Business awareness.
• Shift
• based management skills.
• Threat and cybersecurity competencies.
• Strong analytical skills and problem solving skills..

{module 317}

Job application procedure
If you believe you can clearly demonstrate your abilities to meet the criteria given above, please submit your application along with a detailed Curriculum Vitae and copies of the relevant certificates and testimonials, quoting the respective job title or ref no in the subject field to recruitment@equitybank.co.ug  or post to
The Head of Human Resources, Equity Bank (U1 Ltd,
P.0. Box 10184 Kampala, by Friday, 22nd March, 2019.
Only short listed candidates will be contacted.
Equity Bank is an equal opportunity employer. We value the diversity of individuals, ideas, perspectives, insights and values, and what they bring to the workplace..