Vacancy Details:
Vacancy No: SB/HCM/0207/26
Job Summary: To protect the Bank's applications, digital banking platforms, payment systems, APIs, and information assets by conducting vulnerability assessments, security testing, application security reviews, and penetration testing activities. The position is responsible for identifying security weaknesses, assessing cyber risks, validating security controls, and ensuring that banking applications and critical systems comply with the Bank's Information Security policies, regulatory requirements, and industry best practices.
Key Job Duties & Responsibilities:
- Conduct vulnerability assessments on banking applications, databases, servers, operating systems, and network devices.
- Perform penetration testing on Internet Banking, Mobile Banking, APIs, payment systems, and other critical banking applications.
- Conduct web application security testing in accordance with OWASP standards and best practices.
- Identify, assess, document, and report security vulnerabilities and control weaknesses.
- Review application architecture, system configurations, and security controls to identify potential risks.
- Perform secure configuration and hardening assessments of applications and supporting infrastructure.
- Validate remediation activities and conduct re-testing to ensure vulnerabilities are properly resolved.
- Support Secure Software Development Life Cycle (SSDLC) implementation and application security reviews.
- Participate in security assessments of new systems, applications, and technology initiatives before production deployment.
- Conduct API security reviews and testing to identify authentication, authorization, and data exposure risks.
- Support security reviews of Core Banking, SWIFT integrations, NBE payment systems, Mobile Banking, Internet Banking, and third-party applications.