Assistant Manager Cyber & Cloud Security

Job Description

Vision & Purpose
The role is supposed to help the Bank to achieve its mission “stimulating  a consistent expansion of and diversification of African trade so as to rapidly increase Africa’s share of global trade, while operating as a first class, profit oriented, socially responsible financial institution and a centre of excellence in African trade matters” by providing professional advice and support for the effective implementation and use of the Bank’s Management Information System.
Nature & Scope

The objective of the function is to provide appropriate access to and protect the confidentiality and integrity of customer, employee, and business information in compliance with organization policies/standards and business objectives of Afreximbank. 

Specifically, the function aims to:

  • Assist the bank in attaining its cyber and cloud security objectives through development of policies & procedures
  • Maintain a consistent standard of cyber and cloud security across the bank’s entire infrastructure.
  • Support delivery and execution of the services that the Bank’s provides on the cloud. 
  • Execute cloud security assessments and implementations. 
  • Support the day to day operations of IT Security and Risk Management
Duties & Responsibilities

The core tasks, duties, and responsibilities are listed below:

  • Design, protects and manages security services for the Bank’s global information security infrastructure.
  • Perform continuous security assessment of the cloud security architecture
  • Engineer and tune the cloud security solutions including but not limited to enrollments, monitoring, alerting and maintaining defined security posture.
  • Implementation, development and integration of open source security solutions
  • Engage in technical design of solutions based on use cases and business requirements
  • Participate in proof of concepts and other technical evaluations of technologies, designs and solutions and provide recommendations
  • Stay abreast of emerging cloud technologies and proactively assess and evaluate the adoption thereof
  • Reduce time-to-detect and time-to-remediate by driving the automation of applied threat intelligence and sensor enrichment
  • Develop and expand API framework to interconnect Security Tools
  • Responsible for the thorough documentations of implementations, via technical documentation and runbooks
  • Apply adept understanding and experience with cloud system automation platforms and technologies
  • Partake in efforts that shape the organization’s security policies and standards for use in cloud environments and on-premise environments. 
  • Direct and influence multi-disciplinary teams in implementing and operating Cyber Security controls
  • Provide subject matter expertise on information security architecture and systems engineering to other IT and business teams
  • Responsible for automating security controls, data and processes to provide improved metrics and operational support
  • Stay abreast of emerging security threats, vulnerabilities and controls and proactively provide recommendations and remediations 

Personal Specification

Skills, Knowledge and Attitude
  • Experience with Linux, Windows operating systems and cloud provider ecosystems such as Amazon AWS and AZURE is a must.
  • Practical knowledge of AWS foundation services related to compute, network, storage, content delivery, administration, security, deployment and automation technologies.
  • Experience in architecting, designing, and programming applications and ample experience in high level programming languages such as C++, C#, Java, Python, Visual Basic
  • Capability architecting highly available systems that utilize load balancing, horizontal scalability and high availability
  • Robust micro services programming (AWS Lambda, Docker, etc.)
  • Familiarity using AWS Cloud Services (EC2, DynamoDB, API Gateway, RDS, Lambda, CloudFront, CloudFormation, CloudWatch, Route 53, etc.)
  • Understanding of complex enterprise environments and current technology areas like cloud and mobility, VPC, Multizone availability.
  • Good understanding of security assessment framework such as CIS benchmark and NIST
  • Experience in working on Burpsuite, Qualys on Cloud, Nessus, GFI Languard etc…
  • Essential that applicants have the necessary technical skills to constantly monitor systems to identify threats and vulnerability, execute security architecture, and ensure there are no external threats.
  • The ideal candidate is expected to work with various multi-disciplinary teams, so it is vital that they are team-oriented individuals with priority on the successful completion of group goals
  • Excellent verbal and written communication skills in English.
  • Willingness to travel and to work long hours where required in order to achieve the Bank’s objectives;
Qualification and Experience
  • Bachelor’s degree in Computer Science, Information Technology, Computer Engineering, Engineering, Management Information Systems or Computer Engineering or other relevant degree from a recognized University, a Master’s degree in a relevant field or a recognized professional qualification in lieu; 
  • Relevant security certifications such as ISC2 CISSP, SANS, OSCP, CEH, equivalent security-related industry certifications and AWS Associate is a plus.
  • Minimum of 5 years of experience in securing cloud solutions (IaaS/PaaS/SaaS) including Incident response, Security Engineering, Cloud architectures and Tuning. 
  • At least 5 years of experience with other key components of cybersecurity such as network & infrastructure security, access and identity management, threat detection, incident response, vulnerability management, security governance, risk and compliance, security architecture, data protection and others



Banking & Finance



Job Level