Responsibilities: 1.Plan, develop, implement, maintain and continuously improve security threat & vulnerability technology, process and skills to ensure that threats & vulnerabilities detection and resolution is effective, relevant and efficient.2.Provide reliable and efficient IT security management and support services and ensure all IT security reported incidents, problems and issues are resolved within the agreed service level with minimal business impact, which includes escalation (if required) to the management.3.Administer research and monitor global development of threats and vulnerabilities.Promptly respond to critical threats & vulnerabilities by assessing the impact to the Bank's IT infrastructure and applications.Identify, monitor and report resolution or fixes to the threats and vulnerabilities.4.Plan and execute security posture assessment including penetration test and vulnerability assessment for all IT infrastructure and application systems.Report findings and monitor resolution of the threats and vulnerabilities.Drive prioritization and the associated coordination of remediation activities across the organization.5.Participate in strategic planning for the deployment of cyber security technologies and program enhancements.Develop and implement continuous improvement actions to address and resolve the gaps.6.Maintain strategic relationship/networking and collaborations with other Technology team and external IT security expert to benchmark and improve the Bank's IT security threat and vulnerability management.7.Monitor the administrative procedures, services by outsourced providers, nonpliance issues or other deviations to ensure that the management of Technology security posture assessment activities are aligned with Technology Service security procedures and guidelines.8.Analyze, document, andmunicate detailed reports including rmended remediation actions to cybersecurity leadership, legal, and business stakeholders.9.Assumes a leadership role in advocating internally and externally forpliance to security measures to protect corporate applications and environments.10.Partner with Risk Management in development of organizational or business unit specific risks or exceptions tied to vulnerabilities with associated tracking and reporting to leadership.11.Work with system and application owners to identify opportunities to streamline patching and implement automation solutions, where possible, to remediate vulnerabilities efficiently and effectively.Job Requirements: Hands-on experience with vulnerability scanning tools or endpoint protection and having the knowledge of vulnerability management process including remediation planning.Working knowledge of information systems security standards/practices (, access control and system hardening, system audit and log file monitoring, security policies, and incident handling).A solid technical background with experience in system delivery including SDLC and vulnerability program methodologies.Ability to clearlymunicate Information Security matters to executives, auditors, end users, and engineers, using appropriate language, examples, and tone.Having an effectivemunications/reporting on Technology Security surveillance activities among stakeholders and ensure awareness on the roles and responsibilities throughout the organization.Capability to takeplex security concepts and present the ideas (and benefits) to non- technical management in an impactful qualitative and quantitative way.Job ID JR100460
