A reputable financial institution is seeking applications from suitably qualified individuals for the following position: 

Position: Information Security Officer 

Direct Report: Divisional Head, Enterprise Risk Management

Key Duties:

• • Implement the information security governance structure of the Institution
  • Establish, maintain and enforce security policies, standards procedures and guidelines
  • Develop, implement and deliver security awareness programs
  • Recommend appropriate security measures from a strategic perspective.
  • Prepare monthly Information Security Report for Management

• Collate and analyze Information Security Metrics from the Institution

• Enforcing logical security at the various layers of the Institution IT infrastructure (network, database, application and operating system layer)
• Provide input for security awareness based on identified risk in user management activities
• Ensure security of all Information entrusted to the staff
• Ensure compliance with information security principles and policies located in the institution intranet knowledge portal
• Creation of new security policies on Network  and System Management and Operation
• Daily review  and management of all security tools
• Review of effectiveness and fine-tuning of existing security rules.
• Operating systems, network and physical  risk assessment
• Conduct penetration testing and  vulnerability assessment on all the institution IT asset
• Manage and manage information security budget , strategies and asset

SPECIFICATIONS:

Qualifications: First degree (B.Sc.), relevant professional certification(s) and a master’s degree will be an advantage.

• Any two relevant professional certification(s):

• Certified information systems security professional (CISSP)
  • Certified Information Systems Auditor (CISA)
  • Certified Information Security Manager (CISM)
  • Certified in Governance of Enterprise IT (CGEIT)

Minimum Experience: Has minimum of 5 years’ experience with a financial institution and this must include at least 3 years at supervisory level.

Required Skills and Abilities:

• Knowledge of global best practices as it concerns global best standards
• Vast in secure configuration standards for Microsoft windows and  Linux operating system , Oracle, Microsoft and other database systems
• Good presentation skills
• Sound knowledge of cryptography and key management
• Good secure configuration of network devices
• Leadership & people management skills
• Good understanding of security essentials
• Good report writing skills
• Penetration testing
• Forensic
• Vulnerability assessment

TO APPLY:

Interested candidates should please send your Curriculum Vitae/Resume together with an application to: recruitments.sl@outlook.com on or before Wednesday 14th November 2022.