The key security objectives of the Security Unit (SECU) are to assure for all of the Bank’s locations the:
- Fire Protection of all African Development Bank (AfDB) assets and personnel in Côte d’Ivoire and at all AfDB locations worldwide.
- Implementation of fire security and fire emergency contingency plans.
- Preparation of fire security infrastructure for the return to Headquarters (HQ) from the Temporary Relocation Agency (TRA).
- Conducting Fire Risk Analysis and Fire Risk Assessment Reviews to be included in all Security Unit (SECU) reporting from the Chief of Security at HQ.
- Close liaison with the Security Fire officials in host countries and other global partners in Cote d’Ivoire.
- Expand fire and safety programs to the Field.
- Protection of all AFDB assets and personnel in Côte d’Ivoire.
- Conduct physical security operations under the guidance of the Chief of Security at HQ.
Under the direct supervision of the Chief Information Security Officer (CISO) who reports directly to the Head of the Security Unit, the incumbent will be responsible for protecting the Bank’s IT resources and information assets based on industry and the Bank policies guidance and industry best practices. The candidate will work closely with network, security, and application engineers to collaborate on secure solutions.
Duties and responsibilities
Under the direct supervision of the Chief Information Security Officer (CISO), the duties and responsibilities are as follows:
- Participate in the projects for installation/upgrade and/or deployment of physical security and information security systems (e.g.: CCTV surveillance systems, physical access control systems, endpoint protection systems, intrusion prevention/detection systems, firewalls, IT vulnerability assessment systems, remote access systems, multi-factors authentication systems, data protection systems, etc.); and participate in the administration of these security systems.
- Act as the primary technical support liaison in charge of the information security systems, take appropriate actions to ensure that these systems are always up to date on all relevant appliances, servers, endpoints, etc.
- Maintain an inventory of all information security requirements documents such a policies, standard and procedures, etc.
- Maintain and update the configuration of endpoint protection systems, intrusion prevention and detection systems, firewalls, and others deployed security system within the Bank.
- Define and recommend strategies and priority options to mitigate risk to levels acceptable to the Bank.
- Analyze controls and identify significant changes in information risk and report these to the CISO.
- Follow up on or timely execute treatment of the requests that have been approved by appropriate authorities to grant, update or remove access privileges to users, especially in critical business applications (e.g.: SAP, Swift, Summit, etc.)
- Participate in security response activities, follow up appropriate procedures and provide technical details for the management – including the investigation – of various security incidents such as cyberattacks, virus infestations, etc.
- Monitor security systems and promptly notify the Head of SECU or the CISO of suspected intrusions, virus infestations, denial of service attacks, and other abuses.
- Analyze risks and take appropriate remediation actions in timely manner to reduce or eliminate potential impact of identified vulnerabilities.
- Assist with the diffusion and implementation of information security policies, standards, guidelines, awareness, etc.
- Escort and monitor third party personnel when they come to the Bank to work on security equipment that are physically located on the Bank’s premises.
- Perform other information security operations as assigned by the CISO or its delegates as necessary.
- Provides users with technical support on matters related to information security.
Including desirable skills, knowledge and experience
- A minimum of a Bachelor’s degree in Information Security, Computer Science, Information Technology or any other related field/discipline. Additional international industry certifications relating to information security would be an advantage.
- A minimum of six (6) years of direct relevant experience in Information Security, Computer Science, Information Technology or any other related field/discipline.
- Good understanding of information risk and Security concepts, principles and policies, and their application.
- Good understanding of Security systems (e.g.: Firewalls, IDS/IPS, NAC, SIEM, Content Filtering, vulnerability assessment, authentication systems, etc.)
- Competence across multiple platforms and technologies: Windows, Unix, Linux, applications, databases; computer operations, Intranet/Internet, etc.
- Good knowledge of the Bank’s critical business applications (e.g.: SAP. SWIFT, SUMMIT, etc.) would be an advantage.
- Competence in the use of standard Microsoft office applications.
- Mixed analytical, technical and problem solving skills with strong attention to detail.
- Good interpersonal and communication skills.
- Excellent written and verbal communications in English or French with a working knowledge of the other language.
NB : This Position does not attract international Terms and Conditions of Employment. (Incumbent of the Position will be considered as Local Staff and will not have International Status).