Information Security Clerk

Bank of Jordan

Responsibilities

• Monitor and review employee usage of bank systems, applications, and network via the SOC (Security Operations Center), prepare related reports, and submit them to relevant stakeholders to maintain robust information control. Compare logs of changes made in production systems with reports from the IT department to verify accuracy.
• Review internet usage reports to ensure compliance with internet usage policies and monitor firewall rules for internet access.
• Analyze monthly vulnerability assessment reports for core systems, databases, and communication devices, following up on identified issues with the IT department.
• Monitor the status of computers and servers to ensure effective antivirus protection and absence of malicious files, coordinating with relevant parties for regular inspections.
• Track lists of resigned/transferred employees and ensure the proper deactivation or adjustment of their system access permissions.
• Review the bank s information security policy and participate in developing implementation procedures to minimize risks and ensure alignment with the bank s general policies.
• Contribute to issuing awareness bulletins on information security, proper internet usage, and computer hygiene.
• Review and update the Business Continuity and Crisis Management Plan monthly and ensure employees understand and fulfill their roles via regular assessments.
• Prepare daily, weekly, and monthly reports on the monitoring of servers and network devices.
• Research and propose new methods to identify security vulnerabilities and enhance incident reporting and response procedures.
• Review email usage reports to ensure compliance with the bank s information security policy and prevent data leakage.
• Analyze reports related to the bank s website hosting and DDoS mitigation services, and follow up with relevant entities in case of incidents.
• Regularly review access privileges and administrative rights of users on critical banking systems and ensure they match formally approved access levels.
• Serve as a core or backup team member in the officially approved Business Continuity and Emergency Response plans, fulfilling all assigned duties to minimize the impact of crises and restore operations swiftly.
• Monitor the bank s compliance with approved information security policies and procedures, contribute to the development of the security governance framework, and provide necessary recommendations.
• Ensure the bank s compliance with regulations and directives issued by the Central Bank of Jordan (CBJ) and other regulatory authorities (e.g., CBJ, SAMA).
• Ensure that implemented security controls are aligned with international standards such as ISO 27001, PCI DSS, and COBIT, and participate in internal and external audit preparations by providing the required evidence to auditors.
• Review and regularly update information security policies and procedures to reflect technological and organizational changes, and document the corresponding operational procedures accordingly.