Lead IT Security Engineer - ASA
Job Type | Full Time |
Job Sector | IT & Telecommunication |
Deadline | 28 June, 2022 |
Vacancy: 01
Job Context
ASA is one of the biggest MFIs in the country as well in the world with more than 25 thousand employees serving around 72 lakh clients across the country. All the applications are developed by in-house IT team. ASA is in the process of digital transformation of 3073 branches` operations involving per day more than 90 (ninety) lakh transactions in the system of more than 25000 users. ASA welcomes you to take the initial challenges of this transformation.
Job Responsibilities
- Responsible for developing best security practices, standard and monitoring system for any security beaches for ICT operation and maintaining IT security operational center (SOC) in compliance with security standard requirements.
- Ensure that newly acquired technology complies with the IT security regulations.
- Determine the cause of internal and external data breaches and instituting appropriate corrective action.
- Provide updates and identified threats to the Development Security organization continuously improve processes through automation and tools creation.
- Responsible for Cyber security technology and hands-on experience on Vulnerability assessment (VA) and penetration test (PT) technologies, incident response and investigation activities.
- Harden software and hardware configurations.
- Create and maintain documentation of IT security technology procedures, processes, configurations and diagrams.
- Monitor and analyze logs and alerts from a variety of different technologies across multiple platforms to identify security incidents.
- Develop mitigation and remediation plans as a result of vulnerability assessment findings.
- Ensure that processes related to the IT Security are imposed in accordance with industry best practices. Facilitate discussions with stakeholders and suppliers as to how best practices might be adopted in the management of the network.
- Ensure that the processes are documented, and that these processes are managed in order to effectively deliver the required Security measure for the protection of Computer Systems, Networks and the Information
Workplace: Work at office
Educational Requirements
- B.Sc./ M.Sc. in CSE/ IT/ MIS/ Software Engineering/ ECE/ EEE or equivalent and relevant engineering degree.
- Will be considered as added advantage having the Certification: OSCP/CEH (Practical)/OSWP/OSCE/OSEE/OSWE/CISSP/CREST
Experience Requirements: At least 8 year(s)
Additional Requirements
- Age at most 45 years
- Manage overall IT security operations.
- Deep understanding of Data and asset security including but not limited to classification of data and assets, data ownership, storing and disposing of data and data and asset security.
- Understanding of the domain of security models and design including design principles, and security models of physical and logical security.
- Deep understanding of system, network architecture, Access control, identity and authentication.
- Understanding and knowledge of SDLC, Software development security principles including web application security and design pattern.
- Hands on into scripting languages like python/bash or Ruby.
- Experience with one or more IT security frameworks, such as CIS, NIST, GDPR, ISO 27001: 2013 ISMS.
- Deep knowledge and application of Security Operations Center (SIEM, PAM, DLP, NMS, A-APT, Firewall, IDS/IPS, WAF, Load Balancer etc) is preferred.
- The applicants should have experience in the following area(s):
- Minimum 5+ years supporting a SOC team or similar.
- Experience in configuring and implementing open source and commercial technical security solutions, such as firewalls and intrusion detection systems.
- Excellent technical aptitude, resourcefulness, and critical thinking skills.
- Experience with common operating systems (Windows, *nix) and networks.
- Meticulous reporting skills.
- Hands-on with incident response and investigation activities.
Job Location: Dhaka
Salary
- Tk. 150000 (Monthly)
- For highly qualified & experienced candidates, salary may be negotiable. Probation period will be 1 (one) year long. After successful completion of the probationary period, the officer will be accommodated in the regular Pay Scale of ASA.
Compensation & Other Benefits
-
All other admissible benefits like Contributory Provident Fund, Gratuity, Yearly Increment, Festival Allowance, Naboborsho Allowance (Boishakhy) and Employee's Group Benefit Fund will be attributed.
- Interested and eligible candidates are highly encouraged to apply at www.bdjobs.com along with a full CV mentioning among others mobile no. & e-mail address within 28/06/2022 addressing President, ASA, 23/3, Bir Uttam A.N.M. Nuruzzaman Sarak, Shyamoli, Mohammadpur, Dhaka-1207. The original copies of certificates must be carried with and produced to the board at the time of interview. According to the rules of the organization, selected candidate will be required to deposit TK. 10,000/- (ten thousand) at the time of joining the organization and s/he will get it back with interest while leaving the job.
- Only shortlisted candidates will be called in for the recruitment procedure.
- ASA is a grant free, self-reliant and non smoking microcredit organization.
- Microcredit Regulatory Authority (MRA) Certificate No. 00470-00538-00100)
- Photograph must be enclosed with the resume.