Head, Information Security

The Head of Information Security is expected to define and execute the enterprisewide security vision ensuring compliance with regulatory requirements and embedding a culture of security across all operations. Acting as both a guardian and a strategic partner the incumbent balances technical expertise with strategic insight to safeguard resilience enable digital transformation and maintain trust with stakeholders.

Qualifications :

Type of Qualification: Bachelors degree
Field of Study: Business/Commerce Computer Science Information Technology or related field
Type of Qualification: Post Graduate Degree
Field of Study: Information Technology Cybersecurity Risk Management or related discipline (preferred).

Certifications: 

• • CISSP (Certified Information Systems Security Professional)
  • CISM (Certified Information Security Manager)
  • CISA (Certified Information Systems Auditor)
  • CRISC (Certified in Risk and Information Systems Control)
  • ISO 27001 Lead Implementer / Lead Auditor

Experience Required

5-7 years Experience in implementation and management of information security policies and frameworks within corporate environments. Experience in governance reporting assurance and recommendations. Assessing and validating risk assessments and adherence to technology standards. Familiarity with international frameworks (ISO 27001 NIST PCI DSS).

5-7 years Experience in identifying mitigating and tracking risks including country-specific regulatory requirements. Strong knowledge of financial regulations (RBZ Basel III GDPR POPIA). Experience in reporting findings and ensuring compliance with statutory requirements.

5-7 years Strong IT understanding with exposure to digital and platform operating models. Awareness of cybersecurity trends solutions and emerging technologies (cloud AI blockchain). Ability to assess technology risks and align with business strategy.

5-7 years Experience engaging with senior executives and diverse stakeholders. Proven ability to lead multicultural teams and drive organizational change. Strong communication and influence skills at board/executive level.

5-7 years Direct experience in information security or audit roles within banking/financial services. Understanding of financial risk management and assurance processes. Exposure to digital banking platforms and fintech ecosystems.

8-10 years Experience working in multi-vendor outsourced and multi-system IT environments. IT portfolio delivery planning investment control and risk identification. Oversight of statutory reporting software/hardware license management and IT governance.

8-10 years Proven ability to lead incident response crisis management and disaster recovery planning. Experience in developing and testing business continuity and resilience frameworks.

8-10 years Broad business and finance experience specifically within the banking sector. Ability to align cybersecurity strategy with organizational goals. Strong commercial awareness and understanding of cost-benefit analysis in IT investments.

Additional Information :

Behavioural Competencies:

• Adopting Practical Approaches
• Articulating Information
• Checking Things
• Directing People
• Examining Information
• Exploring Possibilities
• Interpreting Data
• Making Decisions
• Providing Insights
• Pursuing Goals
• Showing Composure
• Upholding Standards
• Strategic leadership: Ability to influence executives and align security with business growth.

Technical Competencies:

• Compliance Audit
• Information Security
• IT Risk Management
• Knowledge of Banking & Financial Service
• Risk Management
• Stakeholder Management (IT)
• Balanced expertise: Technical depth in cybersecurity leadership in banking.
• Regulatory focus: Compliance with both local (RBZ) and international standards.

Remote Work :

No

Employment Type :

Full-time