Providus Bank Plc is a Personal and Private commercial bank in Nigeria with strength in IT infrastructure and digital channels to support fin-techs and businesses.

We are recruiting to fill the position below:

Job Title: Infrastructure Security Engineer

Location: Lagos
Employment Type: Full-time

Job Summary

• The Information Security Engineer operationalizes the cybersecurity system and maintains IT security infrastructure.
• The team is responsible for designing, implementing, maintaining, overseeing, and upgrading all security measures needed to protect organizations’ data, systems, and networks, which includes protecting digital assets, users and data and managing the security defense infrastructure.

Responsibilities
Principal Duties:

• Network Security
• Application and Database Security
• Systems Security
• Access Control Management

Responsibilities
Network Security:

• Configuration & management of network security devices such as Firewalls, IPS, etc.
• Review and implement network access permissions on firewalls.
• Implement approved policy changes on network security devices.
• Manage Network Access Control (NAC) as well as LAN segmentation.
• Support and trouble-shoot network security devices.
• Work with the Network team to ensure the Network topology diagrams are up to date.
• Ensure that the Bank’s network architecture is securely designed.
• Ensure that all Bank’s network devices, including Routers, Switches, NAC, Wireless LAN Controllers, etc., are securely configured.
• Participate in network and perimeter security testing.

Application and Database Security:

• Work with software and security engineers to design/maintain and build security tools and services.
• Provide technical support to the products team.
• Perform security architecture and design reviews of all systems and applications developed in the Bank.
• Perform validation of security control to ensure adherence with compliance.
• Design, implement and configure database security architecture, software and controls.
• Perform regular vulnerability scanning and patching of the Bank’s assets.
• Validate baseline security configurations for operating systems, applications, networking, database and telecommunications equipment.

Systems Security:

• Design and implement security configuration on servers, workstations and ATMs to ensure compliance with the Bank’s standards.
• Maintain an updated inventory of all IT Assets in the Bank.
• Perform threat modelling and assist with secure operating system image build.
• Perform periodic reviews of security configuration and create corrective action plans for non-compliant items.
• Participate in infrastructure security testing.
• Work with the relevant teams and vendors to ensure patches are tested and applied as at when due on servers, workstations and ATM terminals.
• Support security incidents’ resolution on servers and other infrastructure elements.
• Interface with third-party vendors to evaluate new security products or as part of a security assessment process.
• Develop measures to evaluate the performance of information / cyber security programs to protect information and network infrastructure and computer systems.
• Assist in the cost-benefit analysis of security imperatives.
• Ensure that controls that meet business requirements are embedded at all levels of the system development /acquisition life cycle (SDLC).

Requirements

• Bachelor’s Degree and/or MSc in Computer Science, Cybersecurity, Information Systems, or a related field with relevant work experience.
• Three or more years of combined IT, security, risk, audit and control work experience with a broad range of exposure to systems analysis, review, auditing, risks, assessment, application development, system administration, designing and deploying security solutions.
• Must possess at least three of the following: CompTIA Security+, CISA, CEH, CCNA, Microsoft systems examinations, etc.
• Hands-on experience in computer security systems, web-based security protocols, and security frameworks.
• Solid experience in network security (firewall, IDS & IPS) evasion techniques.
• Expert knowledge of cybersecurity fundamentals, solutions for vulnerability management, security monitoring, infrastructure, and regulatory requirements.
• Proficiency in secure network architectures, application security, and security by design.
• Experience with Cloud computing and virtualized environments.
• Familiar with identity and access management principles.

Application Closing Date
Not Specified.