Job Purpose
To be a part of the Information Security team, responsible for the following information security activities:
1. To implement information security policies and standards as per the bank's policies.
2. To perform the Information security Risk assessments.
3. To perform application security assessment and vulnerability assessments.
4. To monitor the logs for security threats and compliance.
5. Develop and review the information security policies, standards and guidelines.
6. Develop information security metrics to report the status of information security to management.
7. Develop and conduct user awareness program.
8. To be a part of the bank's Information Security incident management program.
9. To perform the application security reviews.
10. To ensure that the information assets are identified, classified and appropriate controls are applied as per classification guidelines of the bank.
Key Accountabilities
Identification of Information Assets and classification
Perform Risk Assessments
Perform vulnerability assessments
Monitor the Security posture of the bank
User Awareness trainings
Information Security Dashboard
IT Security Advisory
Incident Handling
Other Accountabilities
Job Context
The principal challenges of this role include:
• Dealing with rapid and on-going changes in technology and the introduction of new security vulnerabilities
• Arranging to acquire a broad scope of skills required by Information Security Risk, including:
  o specialised Information Security Risk and Control expertise (theory and principles), detailed knowledge of information security risk standards, policies and guidelines
  o commercial understanding required to contribute to and support business functions, operations as well as project and consulting tasks
• Development and delivery of appropriate Information Security Risk awareness among the users
• Ensuring that Information Security supports NBF’s business objectives.
Education
Experience and Skills
Professional Qualifications and Work Experience
CISSP, SANS GIAC, CISA etc.
Good experience in Information Security program development, Information Security program management, Information Risk Management and Incident Management.
Good knowledge of the following technologies:
1. Intrusion Detection/Prevention System
2. Log Management (Q1, ArcSight etc.)
3. Should be able to understand application security concepts
4. Knowledge of security tools like NMAP, Nessus etc.