Senior/Senior Specialist – Information Security Department
- Perform information security threats, gap and impact assessments on IT applications, infrastructure systems, communication channels based on industrial recommendations and best practices.
- Manage and investigate information communications security incidents and enhance incident response plan.
- Ensure end-point security compliance against requirements for patching, anti-virus and other protection devices.
- Deploy and management of security infrastructure devices such as Firewall, Database Security Solution, IPS, SIEM, Vulnerability Management and other security devices.
- Coordinate with internal departments and branches and communicate security related concepts to both technical and non-technical staff.
- Establish information security controls in various projects by closely following the design, deployment, management and enhancement of the security barriers.
- Work with different IT teams and business units to provide and propose solutions which meet the needs of the business.
- Train the internal staff on a continuous basis related to information security threats
- University degree in Computer Science, Informatics, Electronic engineering, Information Security OR Another degree that provided a minimum education in one or more of the fields identified above and included the development or adaptation of applications, systems or networks; or equivalent combinations of experience and education.
- Four years minimum hands on experience in security including experience with Internet Cyber based technology and security issues.
- Financial services industry knowledge is highly desirable (especially in the Banking Sector).
- Good working knowledge with international Information Security procedures, methodologies and standards (ISACA, ISO 27001, PCI DSS etc.).
- Good working knowledge in the fields of information security, project management, business applications, database systems, networking infrastructure, information systems’ operations, maintenance and support.
- Any certification in information security such as CEH, CISSP, etc. is highly desirable.
- Advanced level of English is required. Ability to communicate technical and security related concepts to broad range of technical and non-technical staff.
- Excellent written and oral communication skills. Strong analytical skills.
- Ability to work independently with minimum supervision or as part of integrated teams.
- Ability to easily adapt to changes in information technology and quickly learn and utilize new tools and methodologies.
- Practical knowledge of security systems and good knowledge of security solutions on the market (eg. Firewall, DMZ, SSL/IPSec VPN, Proxy, Remote Access, PKI ).
- Good knowledge of general network environment (LAN, WAN, WiFi, routers, switches).
- Good knowledge of network communication protocols (Ethernet, TCP/IP, MPLS).
- Good Application Penetration knowledge (eg. XSS, buffer overflow, URL tampering, SQL Injection, dDoS, Botnet).
- Preferably a University degree, 4 to 5 years’ experience in the Security domain (IT or Network domains are also valuable);
- Technical knowledge of mainstream operating systems and a wide range of security technologies, such as network security appliances, anti-malware solutions and desktop security tools;
- Knowledge of network infrastructure, including routers, switches, firewalls, and the associated network protocols and concepts;
- Knowledge of and experience with identity and access management (IAM) principles, processes and tools;
- Experience designing secure networks, systems and application architectures Direct experience with anti-virus software, intrusion detection, firewalls and content filtering.
- Direct experience for treating information security incidents.
- Train other Information Security colleagues in order to increase the knowledge level of the team
Interested candidates are encouraged to apply to this link: https://cv.bkt.com.al/candidate/job_search# or in our website www.bkt.com.al.
All applications will be treated with the highest confidentiality.
Only candidates that meet our criteria will be notified.