Title: Trainee Officer to Officer (G-1) - Information Security (Information Technology Division)
Company Name: ONE Bank PLC
Vacancy: 01
Age: At least 24 years
Job Location: Dhaka
Salary: --
Experience:
Master of Science (MSc)/Bachelor of Science (BSc) in Computer Science & Engineering or Information and Communication Technology or a related discipline.
Strong willingness to learn, develop, and build a career in Cyber Security, Information Security, SOC Operations, IT Governance, and related technology domains.
Ability to work efficiently in a fast-paced, security-sensitive, and compliance-driven banking environment, including handling multiple tasks and meeting deadlines.
Basic knowledge of Information Security and Cybersecurity concepts, including the CIA Triad, risk management, threats, vulnerabilities, and security best practices.
Understanding of networking fundamentals, including TCP/IP, DNS, firewalls, VPNs, and general network security concepts.
Basic knowledge of SOC operations, security monitoring, incident management, cybersecurity tools, and ethical hacking concepts.
Familiarity with Windows/Linux operating systems, databases, programming fundamentals, and web application technologies.
Exposure to cybersecurity learning platforms such as TryHackMe, Hack The Box, or similar cyber labs will be considered an advantage.
Support the implementation, monitoring, and enforcement of the Bank’s Information Security Policy, IT Governance framework, and regulatory compliance requirements, including Bangladesh Bank ICT Security Guidelines, ISO/IEC 27001:2022, PCI-DSS, and other applicable standards.
Participate in Security Operations Center (SOC) activities, including security monitoring, SIEM log analysis, threat detection, incident handling, investigation, escalation, root cause analysis, digital forensics, and post-incident reporting.
Operate and manage cybersecurity solutions such as SIEM, PAM, SOAR, EDR, DLP, FIM, and Vulnerability Management tools to ensure effective security monitoring, access control, automation, and protection of information assets.
Conduct vulnerability assessments, penetration testing, security reviews, risk assessments, and compliance monitoring across applications, databases, networks, servers, storage systems, and DC-DR environments; coordinate remediation and implementation of security controls and hardening measures.
Monitor emerging cyber threats, attack trends, and security risks; support audit and compliance activities, security awareness programs, reporting requirements, and perform other cybersecurity and information security-related responsibilities assigned by management.