IT Risk Analyst

  Kabul Bank
  Afghanistan Unspecified 999
Date Posted:Feb 10, 2011
Reference:ITA-RA-001
Closing Date:Feb 27, 2011
Work Type:Unspecified
Number of Vacancies:1
Gender:Male
Functional Area:IT - Hardware
Nationality:Afghan
Salary Range:As per NTA salary scale policy
Years of Experience:2 Years
Contract Duration:Not specified
Possibility of Contract Extension:No
Contract Type:Permanent
Probation Period:Unspecified
Required Languages:

About Kabul Bank:

 

Kabul bank is a comercial bank in Afghanistan

Job Summary:

You will conduct formal risk reviews and assessments of high security risk applications using the Bank's IT Risk Assessment Methodology. Agree risks with internal clients and document these risk assessments.
Extensive IT Risk security experience essential, ideally within an IT Environment in a large financial services organization. Recognized qualifications (CISSP, CISA, CISM or similar) are desirable and an understanding of the impact of technology on banking systems required.
Recommend additional security solutions or enhancements to existing security solutions to improve overall security. Perform the deployment, integration and initial configuration of all new security architectures and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the account's security documents specifically. Monitor adopted security solutions for efficient and appropriate operations. Collect and review security logs and reports of all operational devices. Broad understanding of technology security best-practice. In-depth understanding of IT technical controls and standards. In-depth understanding of ISO27001:2005. Good understanding of the PCI DSS. Provide security subject matter expertise on projects undertaken by all resolving teams. Impact Change Requests Liaisons with various IT Service teams as appropriate. Manage and investigate IT Security Incidents. Identification and recording of IT Security Incidents. Administer the risk register appropriately. Maintain IT vulnerability register. Development of IT security polices, standards and procedures. Identify and report warning signs of potential vulnerabilities. ESSENTIAL EXPERIENCE. Technical background (varied). Information Security background. Track record in PCI DSS. Change Management - technical impact assessment. Risk Management background. Security Incident Management exp. Relationship Management. ISO27001 exp. Professional outlook. Flexible attitude and an ability to offer solutions. IP Networking. ISS Real Secure. Securing Windows. Tripwire. Net Forensics. NESSUS. McAfee ePO. Vulnerability exploitation techniques. ISO27001:2005 CRAMM risk assessment methodology Experience in at least one of the following: Checkpoint Firewall-1 Cyberguard Firewalls Netscreen FirewallsCapita Resourcing welcome applications from all suitably qualified people regardless of gender, race, disability, age.

Duties & Responsibilities:

You will conduct formal risk reviews and assessments of high security risk applications using the Bank's IT Risk Assessment Methodology. Agree risks with internal clients and document these risk assessments.
Extensive IT Risk security experience essential, ideally within an IT Environment in a large financial services organization. Recognized qualifications (CISSP, CISA, CISM or similar) are desirable and an understanding of the impact of technology on banking systems required.
Recommend additional security solutions or enhancements to existing security solutions to improve overall security. Perform the deployment, integration and initial configuration of all new security architectures and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the account's security documents specifically. Monitor adopted security solutions for efficient and appropriate operations. Collect and review security logs and reports of all operational devices. Broad understanding of technology security best-practice. In-depth understanding of IT technical controls and standards. In-depth understanding of ISO27001:2005. Good understanding of the PCI DSS. Provide security subject matter expertise on projects undertaken by all resolving teams. Impact Change Requests Liaisons with various IT Service teams as appropriate. Manage and investigate IT Security Incidents. Identification and recording of IT Security Incidents. Administer the risk register appropriately. Maintain IT vulnerability register. Development of IT security polices, standards and procedures. Identify and report warning signs of potential vulnerabilities. ESSENTIAL EXPERIENCE. Technical background (varied). Information Security background. Track record in PCI DSS. Change Management - technical impact assessment. Risk Management background. Security Incident Management exp. Relationship Management. ISO27001 exp. Professional outlook. Flexible attitude and an ability to offer solutions. IP Networking. ISS Real Secure. Securing Windows. Tripwire. Net Forensics. NESSUS. McAfee ePO. Vulnerability exploitation techniques. ISO27001:2005 CRAMM risk assessment methodology Experience in at least one of the following: Checkpoint Firewall-1 Cyberguard Firewalls Netscreen FirewallsCapita Resourcing welcome applications from all suitably qualified people regardless of gender, race, disability, age.

Job Requirement:

BCS in Information technology or Master in CS is preferred.
Certifications: CISSP, CISA, CISM
While applying to the mentioned position do not forget to Vacancy No as your subject it is mandatory.

Job Location:

Afghanistan
This job is expired