Purpose of the Job

Key Accountabilities

• Operate the Bank Security Infrastructure (Run the Bank) including firewall policies, VPNs, IPS/IDS, and mail gateways.
• Penetration Testing Coordination: Coordinate and support penetration testing efforts, analysing findings, and working with teams to address identified security weaknesses.
• Vulnerabilities Process Follow-Up: Monitor and track the status of identified vulnerabilities, ensuring that remediation efforts are executed efficiently and effectively. Manage the process and provide reporting associated
• Patching Follow-Up: Manage and oversee the patch management process including EDR follow up, ensuring timely application of security updates and addressing vulnerabilities in a proactive manner.
• Security Dashboard Creation: Develop and maintain security dashboards to provide real-time visibility into security metrics, vulnerabilities, and incident response efforts for stakeholders
• Operate the day‑to‑day data leakage prevention (DLP) and data exfiltration monitoring activities, including detection, investigation, and remediation of potential data leaks across network, endpoint, cloud, and perimeter layers.
• Technical Risk Analysis Support: Assist in conducting technical risk assessments and analyses to identify potential security threats and recommend appropriate mitigation strategies.
• Access Validation: provide guidance for specific access request by following Access control policy principles
• Maintain and secure the group network infrastructure, including Lan, Wan, SD-WAN, VPN, Bank Wireless network and cloud networking.
• Ensure secure connectivity between on-premises environments and cloud platforms
• Collaboration: Work closely with IT teams, including CISO, to integrate security into all aspects of the organization’s IT landscape.

Knowledge and Experience

• 5+ years of experience in IT Security, with strong hands-on experience in enterprise network administration.
• Strong knowledge of security frameworks and best practices (e.g., NIST, ISO 27001).
• Proven experience in network and security operations within complex environments.
• Experience with penetration testing methodologies and tools.
• Familiarity with security technologies, including firewalls, IDS/IPS, and SIEM solutions.
• Excellent analytical and problem-solving skills.
• Strong communication skills, with the ability to present technical information clearly to diverse audiences.
• Relevant certifications (e.g., CISSP, CEH, CISM, CCNP Security, etc) are highly desirable.
• Ability to collaborate effectively with cross-functional teams

Attributes and Qualities

• Adaptability & Learning Agility
• Time Management
• Communication (Verbal & Written)
• Client-Centric Mindset
• Collaborative Teamwork

Technical Skills

• Strong knowledge in Security Frameworks and Standards. Knowledge of security frameworks (ISO 27001, NIST, CIS Controls) and Compliance regulations (GDPR, DORA, etc)
• Strong knowledge Firewall Next Generation (VPN, IPS, Anti-malware, Sandbox, URL Filtering, ...); Mail & Web gateways;
• Knowledge in VPN and Remote access solutions
• Knowledge in Endpoints Security (antivirus, antimalware)
• Knowledge in Threat Intelligence and Vulnerability Management - Ability to analyse threat intelligence and conduct vulnerability assessments. Familiarity with security tools (SIEM, vulnerability scanners).

Languages Skills

• Excellent written and oral French and English skills are essential, any other language is an advantage