Systems Security Specialist – Applications at NMB Bank

Job Location :Head Office, Hq

To plan, organize, and deliver cost-effective and efficient IT security controls within developed and acquired systems within the bank.

Support the secure application development strategy and roadmap of the bank by ensuring applications are securely designed and developed.
Support implementation of application security governance by defining, developing, implementing, and maintaining required policies, procedures, standards, and guidelines
Establish and develop security requirements and designs for all developed and acquired systems.
Provide security assurance of all applications implemented by validating the implementation of security designs, conducting manual applications code reviews and security assessments to eliminate security vulnerabilities.
Assist the development team and system vendors in reproducing, triaging, and addressing application security vulnerabilities.
Conduct periodic security assessments and review of implemented systems to ensure their continued compliance with security standards.
Establish, maintain, and implement optimal security configurations of all databases, middleware, and applications.
Conduct research and make recommendations on systems security solutions, services, protocols, standards, and best practices in support of systems security continuous improvements.
Prepare and maintain systems security documentation including security architecture and designs of systems and applications.
Implement security improvements by continuously assessing the implemented controls, evaluating security risks, and anticipating requirements.

Knowledge of modern software development trends as well as understanding of software security practices.
Knowledge of systems security standards and baselines in operating systems, databases, middleware, and applications; Hands-on experience in implementing applications in wide range of Operating Systems is mandatory.
Knowledge in the best practices of secure mobile application development.
Experience identifying security issues through manual code review in Java, PHP, JavaScript, Typescript, and other programming languages.
Hands-on experience in common security libraries and tools (e.g., static and dynamic application security testing tools, proxying / penetration testing tools)
A basic understanding of network and web related protocols (such as TCP/IP, UDP, HTTP, HTTPS).
Familiarity with security standards such as OWASP Testing Guide, OWASP ASVS and NIST Security Standards.
Good interpersonal, written, and oral communication skills in English and Swahili.
Demonstrable honesty, integrity, and credibility; ability to engender the trust and confidence of internal constituency and external partners.
Ability to communicate complex security concepts in an easy-to-understand business language.

At least a bachelor’s degree in Computer Science or related academic field.
Professional certifications such as CEH, CISA, CISSP, OSCP, GPEN will be an added advantage.
At least 2 years of relevant work experience.
Experience in scripting and automation using PowerShell and Bash/Shell Scripting.
Solid hands-on experience in Computer Programming in either Java, PHP or Python is mandatory.

NMB Bank Plc is committed to creating a diverse environment and is proud to be an equal opportunity employer

Job closing date : 28-Mar-2023