Napsa
Job Description
To mobilise staff, activate response plans, and manage time-critical incident management and response activities when a high-impact incident is declared. Further, during normal operations, conducts the following activities in conjunction with other stakeholders to Create, maintain and plan for information Security, Cybersecurity incident management and response.
Planning for business continuity plan for ICT disaster recovery; performing tests, exercises, and drills of all response plans; and performing problem management, root cause analysis, and postmortem reviews following the occurrence of an incident.
Key Responsibilities
- Creating the Disaster Recovery Plan, DRP for ICT and ensure alignment with the corporate BCM plans and BIA
- Planning for business continuity plan for ICT disaster recovery; performing tests, exercises, and drills of all response plans.
- Performing problem management, root cause analysis, and postmortem reviews following the occurrence of an Incident
- Creating the Business Continuity Plan, BCP for ICT and ensure alignment with the corporate BCM plans
- Coordinating processes and procedures in contingency planning, Disaster Recovery, Risk Management, and Business Recovery/Continuity.
- Developing, Implementing and monitoring policies and procedures for the overall integrity of the IT Disaster Recovery system for the Authority
- Design, coordinate and execute BCP/DR annual test exercises for critical business processes and produce test reports including lessons learned
- Perform problem management, analyse root causes, and develop after action reports for high-profile, high-impact incidents
- Detect, triage, analyze, respond to, and recover from suspicious events and security incidents
- IT Risk Management: Identifies and Categorizes outage exposures that could cause a business interruption.
- Insuring that Business and Regulatory Requirements are adhered to and that implemented recovery procedures and contracts are cost justifiable.
- Developing ICT safeguards and Business Recovery Plans and Procedures governing the remote Business Offices and Operations associated with the Authority.
- Maintains various contingency plans in case of emergencies, so that the information is not destroyed and can be easily retrieved
- Liaison between ICT and the Business for BCM related Matters
- Inspect backup procedures, backup storage, and backup data integrity
Minimum Qualifications
- Grade 12 Certificate with 5 ‘O’ level with credit or better in Mathematics and English.
- Degree in B. Eng./BSc. Electronics & Telecommunications Engineering/Computer Science/Information Technology.
- The candidate must possess any of the following certifications:
- Certified Business Continuity Manager (BCM) or ISO 22301 (BCM Lead Implementor) will be an added advantage.
- Certified Information Systems Security Professional (CISSP)
- Certified Information Systems Manager (CISM)
- ISO 27001 Lead Implementor
- Certified In Risk and Information System Controls, CRISC
- Any other Cyber Security Certification
- Must be a member of the Information and Communication Technology Association of Zambia (ICTAZ) with a valid practicing license.
Minimum Experience Required
- Not less than four (4) years of IT generalist experience and two (2) years IT and or information Security experience at a management level in an organisation of similar size.