About the Role
Responsible for researching, developing, implementing, testing, and reviewing BSP’s information security solutions to safeguard information assets and prevent unauthorised access. The role leads the delivery and enforcement of a bank-wide information security and privacy program, ensuring the protection of information in electronic, print, and other formats. It also ensures BSP’s information assets and infrastructure are protected from internal and external threats, used in accordance with business requirements, and remain compliant with all relevant statutory, regulatory, security, and privacy obligations.
Key Deliverables
- Manage user accounts, role-based access, and permissions across BSP systems for PNG and Pacific Island Countries.
- Administer user provisioning, modifications, deletions, and password management for systems managed by Information Security.
- Conduct periodic user access reviews and approve access requests to ensure appropriate system access controls.
- Monitor security events, network activity, and system logs to detect and investigate unauthorised or suspicious activities.
- Perform security log analysis and prepare reports on security incidents, breaches, and associated impacts.
- Respond to, investigate, escalate, and remediate security incidents in accordance with established incident management processes.
- Conduct vulnerability assessments, security scans, firewall reviews, and ensure timely remediation of identified risks.
- Support the evaluation, implementation, maintenance, and upgrade of security technologies and solutions.
- Provide security advice, technical guidance, and recommendations to management, project teams, and key stakeholders.
- Ensure compliance with BSP Information Security policies, standards, procedures, PCI DSS requirements, and regulatory obligations.
- Assist in the development, review, and maintenance of information security policies, standards, governance, and security architecture documentation.
- Manage secure custody processes, including reconciliation of secured assets, maintenance of registers and records, and safeguarding sensitive information and materials.
Essential Qualifications, Professional/Skills and Experience:
- Diploma or Degree in Information Technology, Computer Science, or a related
- Minimum 4+ years’ experience in Information Security, Cybersecurity, or related IT security functions.
- Strong knowledge of system and network administration, including access
- Hands-on experience with security technologies, including anti-virus, firewalls, and security monitoring tools.
- Proven ability to investigate, respond to, and report on security incidents and
- Strong analytical, problem-solving, teamwork, and adaptability skills, with the ability to work independently with minimal supervision.
Applications are to be addressed to the Senior Manager Talent Sourcing & Attraction and submitted via email to [email protected].