Custodian Investment Plc

Job Description: Security Analyst

Job Title Department Location

Security Analyst Information Security Lagos

Job Objective The role supports and continually improve the Enterprise Cyber security
posture, provide technical expertise on all enterprise-wide application
security related issues.

REPORTING RELATIONSHIPS

Internal Interfaces External Interfaces

Reports to  Chief Information Security  IT Consultants

Officer
 Vendors
Direct Reports  N/A

Other Internal Relationships  Information Technology

 Risk Management

 Internal Audit

 Divisional Heads

 All Staff

FUNCTIONAL COMPETENCIES

 Security Assessment and Controls

 Security Monitoring and Incident Management

 Vulnerability Lifecycle Management

ROLES AND RESPONSIBILITIES

 Safeguard the organization by predicting, detecting, preventing and mitigating information security threats.
 Design and implement security controls to safeguard and monitor events for information systems, enterprise
applications and data.
 Support the implementation of Information Security projects
 Drive internal and external vulnerability assessment, penetration tests engagements and support remediation
efforts
 Respond to escalated security events and drive security incident response processes to ensure timely
resolution with minimal disruption
 Provide expertise on security tools, including but not limited to firewalls, Web Application firewalls,
IDS/IDP, anti-malware software
 Collaborate with the relevant teams to ensure that technical implementation plans are practical, and
implementations are managed to minimize risks and adverse impact to servers, workstations and user
 productivity.
 Implement the infrastructure, configurations and processes to monitor security related events
 Ensure all security system documentation is up to date
 Drive the planning and action remedies required to prevent exposures to information security related threats
 Perform security incident response and management
 Develop projects’ key objectives, scope, success criteria and communicates them effectively to the project
team and key stakeholders
Special and Other Duties

 Prepare various reports for management decision making

 Perform other functions as assigned by the Chief Information Security Officer

Experience and Qualifications  Bachelor’s and/or Advanced degree in Computer Science or any
Required related disciplines.

 A minimum of three (3) years relevant experience in Information

Security with at two (2) years in Information Security

 Professional certification like CISSP, CISM, ISO27001, CEH, CISA

 Hands on experience in security systems, including firewalls,

intrusion detection / prevention systems, anti-virus software,
authentication systems, log management, content filtering, SIEM,
NAC, FIM, WAF and DAM etc.
 Demonstrable experience with network security and networking
technologies as well with systems, security, and network monitoring
tools.

 Demonstrable familiarity with web-related technologies (web

applications, web services, service-oriented architectures), and
network/ web-related protocols.
 Thorough understanding of the latest security principles, techniques,
and protocols
 Problem solving skills and ability to work under pressure