Job Description
The new NCBA has harnessed the power of both NIC and CBA to create a bank that brings together the best of both worlds from cutting edge mobile banking to good old-fashioned relationship management; from scalable business banking to financial services that grow as your business does; from best-in-class choice of products to investment solutions tailored to your specific needs.
Cloud & IOT Security Engineer
Job Purpose Statement
The Cloud & IOT Security Engineer role focuses on developing, implementing, and maintaining secure solutions for cloud infrastructures and Internet of Things (IoT) ecosystems.
As a mid-level technical position, it plays a pivotal role in safeguarding the bank’s cloud environments and IoT systems from evolving threats, ensuring robust security configurations, and facilitating seamless integration with organizational objectives.
Key Accountabilities (Duties and Responsibilities)
Cloud & IOT Security (40%)
Assist in designing and deploying secure cloud architectures on platforms such as AWS & AzureImplement and monitor foundational security measures, including Identity and Access Management (IAM), encryption, and network segmentationSupport the integration of security tools, such as Cloud Security Posture Management (CSPM) and vulnerability scanners, into cloud environmentsCollaborate on the development of secure IoT systems by enforcing device authentication, secure communication protocols, and data protection strategiesIdentify and mitigate security risks in IoT ecosystems, such as device vulnerabilities or insecure configurationsParticipate in the evaluation and implementation of IoT-specific security frameworks and standards Technical Advisory & Collaboration (20%)
Work with stakeholders to understand business requirements and translate them into technical security solutionsProvide technical leadership in security incident response related to cloud or IoT systemsAdvise on regulatory and compliance requirements (e.g., GDPR, ISO , NIST -53, and IoT-specific standards like ETSI EN ) Incident Response and Threat Management (20%)
Support incident detection and response for cloud and IoT environments by analyzing alerts and assisting with investigationsConduct vulnerability assessments and help remediate security findingsContribute to threat modeling exercises to identify and address potential attack vectors Ongoing Compliance and Audit Support (20%)
Work closely with the Governance, Risk, and Compliance (GRC) team to ensure adherence to regulatory requirements such as GDPR, ISO , PCI DSS, NIST, and IoT-specific standards like ETSI EN Assist in preparing documentation and evidence for internal and external audits, including risk assessments, security configurations, and incident reportsEnsure that all cloud and IoT security practices align with ongoing compliance audits and organizational policiesTrack remediation of findings from audits and ensure timely resolution of non-compliance issues Job Specifications
Ideal Person Specifications:
Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field2-5 years of experience in cloud security, IoT security, cybersecurity architecture, and cybersecurity engineeringHands-on expertise with security tools and platforms such as IDS/IPS, firewalls, VPNs, SIEM, and cloud security solutionsProficiency in scripting or automation (e.g., Python, PowerShell, Ansible) is a plusRelevant certifications such as AWS Certified Security Specialty, Azure Security Engineer Associate, Google Professional Cloud Security Engineer, CompTIA Security+, Certified Ethical Hacker (CEH), Cisco CyberOps Associate, ISO Lead Implementer/Auditor, or other governance-related certifications are preferred. Behavioral Competencies:
Strong analytical and problem-solving skills with a technical mindsetA proactive approach to ensuring security and compliance in cloud and IoT environmentsEffective communication and collaboration abilities, with a focus on teamworkCommitment to continuous learning and professional growth