IT Security Associate in City of London

About Us

BACB is a UK bank that offers trade finance and complementary products to clients in specialist markets, especially Africa and the Middle East. We have been helping businesses with trade finance and complementary products for over half a century, focusing on trade flows to and from Africa and the Middle East as well as real estate in the UK. Our in-depth knowledge of the countries and practices where our clients operate ensures that we put them first.

Additional Info

• Hybrid Working: 3 days onsite, 2 from home
• Location: City of London
• Contract Type: Permanent

Job Summary

Reporting to the Head of Information Security, the role will support the delivery of the Bank's IT Security strategy through implementation of the Cyber security programme, configuration and management of cyber security solutions, and proactive collaboration with the Bank's security operations functions.

Key Work Outputs and Accountabilities

• Assist with the delivery of the Bank's strategic Cyber Security roadmap and maintaining regulatory compliance.
• Act as a security point of contact to advise and guide the IT team as to effective ways of operating the Bank's diverse security tooling.
• Lead the creation, maintenance and delivery of the Bank's cyber security awareness and training programme including mandatory training and Phishing simulation exercises.
• Familiar with the use of specialist security tools to resolve security issues and security related requests.
• Assist with the collection, collation and presentation of assurance that the Bank's security controls are operating as intended and within the Bank's risk tolerance (including organising vulnerability management and penetration testing exercises).
• Lead the Bank's collection, interpretation and dissemination of the current Cyber threat landscape and help with the identification of innovative controls and mitigations to match.
• Help to generate security performance metrics and KPIs.
• Help to ensure that the Bank can effectively respond and recover from Cyber security incidents.
• Support the delivery of the relevant Risk and Control Assessments related to technology and cyber risk.

Required Qualifications and Experience

• Educated to a degree level (or equivalent) ideally in computer science or a related field.
• Familiarity with internationally recognised IT Security standards and frameworks such as Cyber Essentials, NIST, or ISO27001/2.
• Understanding of how IT Security tooling such as Firewalls, AV, Proxies and IDS/IPS operate.
• Familiar with the Microsoft stack including desktops, servers and cloud services.
• Understanding of Patching and Vulnerability management.

• Working with security technologies such as Firewalls, Proxies, IDS and AV.
• Planning and scoping security vulnerability assessments and penetration tests.
• Practical experience of developing and implementing policies, processes and procedures as part of an information security programme, including training and awareness to employees at all levels.
• Experience of carrying out assurance reviews of information security controls.
• Working in a collaborative environment sharing responsibilities for delivering positive outcomes.
• Applying analytical expertise, close attention to detail and critical thinking to problem solving.

• A passion for cyber security and a keen interest in IT.
• Good oral and written communication skills.
• Good inter-personal skills with a proven ability to build relationships, communicate and persuade others.
• Good time management skills with the ability to prioritise work to meet deadlines.