Job Context The Senior Security Analyst plays a key operational role in supporting cybersecurity monitoring, incident response, and security control implementation. This position is suited for a professional with hands-on experience who can work independently on security tasks while guiding junior team members and contributing to the maturity of the organizational security posture.
Responsibilities
• Develop and enforce the Bank’s cybersecurity strategy, policies, and roadmap in alignment with Bangladesh Bank guidelines and Board directives.
• Guide cybersecurity compliance programs, manage regulatory audits (Bangladesh Bank, IS Audit), and ensure mandatory incident reporting.
• Monitor SOC operations, including real-time monitoring, log analysis, malware forensics, and advanced threat hunting.
• Oversee the deployment and continuous improvement of security technologies such as SIEM, SOAR, WAF, NGFW, IPS/IDS, EDR/XDR, and IAM/PAM.
• Conduct ICT and cybersecurity risk assessments, maintain the Risk Register, and oversee VAPT and red-blue team exercises.
• Lead incident response activities, root-cause analysis, and support Business Continuity and Disaster Recovery planning.
• Review security architecture for major IT deployments and ensure secure SDLC across applications and digital channels.
• Conduct ongoing cyber awareness training and phishing simulations for employees and management.
Educational Requirement & Age Limit
• MSc or BSc in Information Security, Computer Science, IT, or a related discipline from a reputed university.
• Must not exceed 42 years of age
Professional Certification
• Certifications such as CISSP, CISM, CISA, RHCSA, CEH, CHFI, CCNP Security, CCSP, or ISO 27001 Lead Implementer/Auditor will add significant value.
Skill Requirement
• Proficiency in cybersecurity tools, packet analysis, SIEM, SOAR, SOC operations, and endpoint protection technologies.
• Strong knowledge of IT governance, risk management, security engineering, and digital forensics.
• Knowledge of cloud security, microservices, DevSecOps, and API security.
• Excellent communication and stakeholder management skills.
Experience Requirement
• Minimum of 08–10 years of cybersecurity/IT security experience, specifically within the banking sector.
• Demonstrated experience in implementing enterprise security programs, managing cyber incidents, and handling regulatory compliance and audits.
Additional Requirement
• Ability to work under pressure and support 24/7 cybersecurity incident response, including on-call rotations.
• Strong analytical thinking, time management, and cross-functional communication skills.