Website Brilliance Executive Management Consultancy
One of our Clients a leading Commercial Bank has given us the mandate to assist in the identification and recruitment of highly qualified and competent professionals.
The Information Security Officer will serve as the process owner of all assurance activities related to the availability, integrity and confidentiality of customer, business partner, employee and business information in compliance with the Bank’s information security policies. A key element of the CISO’s role is working with executive management to determine acceptable levels of risk for the organization. Information Security Officer will be responsible for establishing and maintaining a corporate-wide information security management program to ensure that information assets are adequately protected.
Summary of Key Responsibilities:
- Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program.
- Work directly with the business units to facilitate risk assessment and risk management processes.
- Develop and enhance an information security management framework.
- Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services.
- Provide leadership to the enterprise’s information security organization.
- Partner with business stakeholders across the company to raise awareness of risk management concerns.
- Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems.
- Act as the organization’s representative with respect to inquiries from customers, partners, and the general public regarding the organization’s security strategy.
- Act as the organization’s representative when dealing with law enforcement agencies while pursuing the sources of network attacks and information theft by employees.
- Oversee the selection testing, deployment, and maintenance of security hardware and software products as well as outsourced arrangements.
- Monitor the logs on a periodic basis during the day for error detection and timely resolution
- Enforce logical and physical security measures over communication systems (e.g., leased lines, routers, modems, Internet, Intranet, E-mail, iPhone, etc.)
- Enforce Access Control policies to control usage of networked resources
- Review network logs, OS logs and WAN incidents.
- Ensure that the network O/S is maintained in accordance with the Bank’s Security policies & procedures.
- Review whether access to application programs/files and other sensitive system files is appropriately restricted.
- Security Configuration & Maintenance of the Infrastructure.
- Development of Minimum Baseline standards for the IT components.
- Identifying New Technology Solutions for the Bank and assessment of security patches and upgrades of existing applications and operating systems within the Bank
- Risk Assessment includes identifying asset threats, vulnerabilities, and compensating controls, developing a risk profile for the assessed environment, and developing a risk reduction plan for the environment.
- System Monitoring involving monitoring of networks and systems for security-related events and incidents. This includes monitoring, management, and maintenance of the Intrusion Detection System and reviewing log files of security infrastructure systems for any unauthorized or unrecognized activity.
- System Security Analysis completing the security review on all of the Bank’s systems to ensure compliance with the Minimum Baseline Standards and other policies and standards as related to operating systems, network devices, and applications
Qualifications and Experience
- Degree in a Computer Science /Technology-related field required.
- A Masters in any of the above fields will be a plus
- Must have Professional Security Management Certification (CISA)
- Minimum of 5 to 8 years of experience in a combination of Risk Management, Information Security and IT jobs.
- Knowledge of common information security management frameworks, such as ISO/IEC 27001, and ZICTA.
- Excellent written and verbal communication skills and a high level of personal integrity
- Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams.
- Experience with contract and vendor negotiations and management including managed services.
- Specific experience in Agile (scaled) software development or other best in class development practices.
- Experience with Cloud computing/Elastic computing across virtualized environments.
If you meet the minimum hiring requirements for the above position, please email your CV and Cover letter clearly stating your salary expectations to: firstname.lastname@example.org and copy in email@example.com
Note that, all communications will be kept in the strictest of confidence. If you do not receive communication within 21 days of the closing date of the advert, please consider your application unsuccessful.
DO NOT SEND CERTIFICATES AT THIS STAGE
To apply for this job email your details to firstname.lastname@example.org.