Main Purpose of the Job
Responsible for developing and implementing the organisation’s information security strategy and program. Thus, ensuring the security of the organisation’s physical infrastructure, applications, network and databases to protect the organisation, its customers and its business partners. This role involves overseeing the security posture of the organisation, ensuring compliance with regulatory requirements, and managing the information security team to protect organisational assets from cyber threats. The Manager, ITCS identifies and addresses vulnerabilities in the organisation’s hardware and software, monitors any attacks or intrusions and addresses them accordingly and creates firewalls and partitions to control the spread of any malware and/or unauthorised access.
Core Accountabilities and Responsibilities
- Develop and implement Information security strategy, policies, procedures, and standards.
- Oversee the design, implementation, and management of security systems and controls.
- Align security practices with business goals.
- Manage the information security budget and allocate resources effectively.
- Manage and mentor the cybersecurity team, providing guidance and support.
- Coordinate and oversee the execution of security projects and initiatives.
- Monitor and review security systems and processes to identify and address vulnerabilities.
- Lead incident response efforts, including investigation, remediation, and reporting.
- Conduct regular security assessments, audits, and penetration testing.
- Ensure compliance with relevant laws, industry regulations and standards (e.g., PCI-DSS, Data Protection Act).
- Develop and deliver security awareness training and programs for employees.
- Maintain and update security technologies, including firewalls, intrusion detection systems, and anti-malware solutions.
- Prepare and present reports on security posture, incidents, and performance metrics to senior management.
- Liaise with auditors and regulators for remediation of open issues as well and submit required audit information as required.
- Define System Access Role Matrices as well as conduct periodic access reviews.
- Manage a Security Operations Centre (SOC) as well Cyber Incidents and events as and when required
- Manage staff Information Security training and awareness campaigns including monitoring staff compliance to the required training.
- Ensure that relevant systems and tools are in place to automate the information security management and oversight.
- Produce management, executive and board reports with respect to the Information Security trends and posture for the bank.
Qualifications: Bachelor’s degree in cyber security/information security, Computer Science, Information Technology, Information Systems, Management Information system or equivalent.
Additional qualifications such as Certified Information System Security Professional, Certified Information Security Manager, Certified Information Systems Auditor, Certified Ethical Hacker, would be an added advantage Experience: Five (5) years’ of relevant experience in cyber security (preferably in a bank or mass market financial institution) including two (2) years of supervisory experience.
Knowledge of international cyber security protocols and protection measures is essential. Competencies: Proven experience in a cybersecurity management role, with a strong understanding of security technologies and best practices
Excellent leadership, communication, and problem-solving skills
Experience with security frameworks and compliance requirements
Planning, organisation and budget management
Ability to manage multiple projects and prioritise tasks effectively
Results and business focus
Communication and customer service skills
Strong analytical skills and attention to detail
Closing date: 30th December 2024