Job Accountabilities
- Support information security strategic program milestones.
- Technical implementation of the information security program and following the actionable plan with IT.
- Build Security Matrix for different access
- Establish reporting communications that support Information Security IT Governance activities
- Implementation of necessary information security policies, standards, procedures and guidelines.
- The plan and test results of disaster recovery
- Assess controls for information systems (all IT systems) during the requirements, acquisition, development and testing phases for compliance with the information security policies, standards, procedures and applicable external requirements, and ensure that information security risks which could lead to financial and reputational loss for the organization are addressed.
- Evaluate the readiness of information systems (all IT systems) for implementation and migration into production, and conduct post-implementation reviews of systems to determine whether information system deliverables and controls comply with information security policies and standards, and ensure that information security risks which could lead to financial and reputational loss for the organization are addressed.
- Assess the design, implementation and monitoring of system and logical security controls to verify the confidentiality, integrity and availability of information, ensuring overall information security, since a data breach could lead to financial and reputational loss for the organization.
- Maintain a risk register to ensure that all identified risks are highlighted with related accountability; monitor existing risks to ensure that changes are identified and managed appropriately.
- Assemble risk scenarios to estimate the likelihood and impact of significant risks to the information systems; correlate identified risks to relevant business processes to assist in identifying risk ownership.
- Analyse risks, incidents and interdependencies to determine their impact on IT systems and related business objectives.
- Develop information security standards and baselines aligned with information security policies.
- Assess and evaluate non-business application access (VPN, Internet, etc.) that can be easily integrated into the identity management solutions and technologies adopted by the bank.
- Monitor the information systems (IT systems) control design and implementation processes against information security baselines and standards to ensure they are implemented effectively and on time.
- Enable the measurement of IT Information security processes
- Identify the gap between current and desired risk levels to manage risk, and evaluate information security controls to determine whether they are appropriately and effectively mitigating the risk to the defined acceptable level.
- Facilitate independent risk assessments and risk management process reviews to ensure that they are performed efficiently and effectively.
- Monitor and communicate key risk indicators (KRIs) and management activities to assist relevant stakeholders in their decision-making process.
- Identify and report on risk, including compliance, to initiate corrective action and meet business regulatory requirements.
- Ensure that risk assessments, vulnerability assessments and threat analysis are conducted periodically and consistently to identify risk to the organization’s information.
- Communicate the status of the IT security program's progress to the Infrastructure Information Security Manager.
Qualifications and Experience
- BSc in Communication Engineering or Computer Science.