IT Risk & Security officer (Reanounce)

Vacancy Number:N/A
Title: IT Risk & Security officer (Reanounce)
Category:Information Technology (IT)
Duration:One year - Ext.
Exp.: 2018-08-16-(7 Months Ago)
Jobs no:1
Salary:As per organization salary policy per month


Organization: New Kabul Bank | About New Kabul Bank
City: Kabul
Country: AF


Education:Bachelor in Computer Application/Computer Science/ Information Technology
Work Experience:2-3 Years


Minimum Bachelor in Computer Application/Computer Science/ Information Technology or Management Information Systems or related field.

Certification:CISSP (Certified Information Systems Security Professional) ORCISM(Certified Information Security Manage) OR related security certification is must.



Minimum 2-3 years of experience in technology field with a focus on security management security assessment risk and compliance - IT Risk Security. Knowledge of networking and security technologies such as IPSEC VPN routers switches 2nd gen firewalls encryption intrusion detection/prevention data leakage WAF white lists network protocols and ports identity access control authentication standards among others.

Duties & Responsibilities

Job summary:

The IT Security Specialist will function as the overall security expert for the enterprise IT environment.  This includes oversight of security projects facilitation of security and audit assessments IT systems hardening and security best practices compliance programs vulnerability remediation security scanning and reporting disaster recovery preparedness and change management.

The individual will report to Chief Information officer / Deputy Chief Information Officer..


Job Description:

-Function as the overall security expert in the enterprise.

- Protects system by defining access privileges control structures and resources by conducting periodic vulnerability and security risk assessments and scans of IT Infrastructure.

- Defines recommends and manage security configuration and operations standards for security and information systems and applications including policy assessment and compliance tools network security appliances and host-based security systems.

- Defines and validates baseline security configurations for operating systems applications databases networking and telecommunications equipment.

- Determines security violations and inefficiencies by conducting periodic audits.

- Liaison to Networking to ensure security in architecture and technology changes.

- Ensure endpoint security and adherence to approved data policies as per DAB norms and regulatory standards for business technology and procedural changes.

- Identifies and makes recommendations regarding critical points of failure.Recommends changes required to expand recovery plans

- Maintain and update the IT Incident Response Plan.Works with teams to resolve issues that are uncovered by various internal and monitoring tools.

- Develops refines and implements of enterprise-wide security policies procedures and standards to meet compliance responsibilities. Monitor compliance programs according to policies and procedures for breaches or exposure.

- Provides security support for application- and infrastructure related projects to ensure that security issues are addressed throughout the project life cycle.

- Focus on security for emerging technologies in internet channels.

- Assists in the development and implementation of information security disaster recovery test plans.

- Monitors the legal and regulatory environment for recent developments.

- Ensures recovery drills are performed and analyzes performance.

- Develops and delivers IT risk & security awareness and compliance training programs.

- Serve as systems security advisor to the CIO or Deputy CIO.

Submission Guideline

Interested candidates are requested to send their applications along with copies of their CV and educational and work certificates to the following address.

NKB main office - HRD

Address: 10-42 Torabaz Khan Shahr-e-Naw Kabul - Afghanistan.

Applications by email can be sent to [email protected]  All candidates short-listed for interviews will be directly contacted.

Email: [email protected]