Head of Information ....
Head of Information Security Management
Posted on :
21-04-2024
Employer Active
1 Vacancy
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Job Description
Req ID : 2738922
- Oversee and manage the Information Security Management team to ensure proper management of the resources to support the ongoing business initiatives and ensure clear personal development plan is developed for each team member with an adequate training and coaching plan
- Ensure the annual review and update of the area's processes, procedures and policies with the development and adherence to the developed SLAs
- Ensure the proper enforcement of the developed security policies across all areas
- Lead the enhancing, formalizing and standardizing of the different information security programs and management processes, to apply effective control mechanisms and to ensure organization's ability to manage and be protected towards different types of security threats, including but not limited to the Identity & Access Management, Data Classification and Protection, Privileged Access Management programs and others
- Oversee the implementation of the Information Security Management strategy and objectives to ensure the proper enforcement of the developed security policies
- Liaise with IT Security Department to ensure adequacy of security testing and assessments prior to execution, to ensure sound security practices are implemented across all bank's platforms, systems and services provided, while also ensuring the relevant processes and procedures are adequately reflecting and considering the security policy requirements, as well as risk, compliance and controls requirements
- Develop and enhance information security procedures with proper reflection of the emerging threats and changes to the bank's Cyber Security landscape, including the maintenance of staff awareness of these policies and procedures, as well as proper monitoring of policy exceptions
- Ensure that a proper security risk assessment framework is in place and effectively implemented across different areas of the organization, with timely identification, escalation, resolution and follow up for all outstanding issues related to Security as tracked in the Security risk register and KRIs
- Act as support arm when it comes to Information Security consultation for all different business units within the organization and provide sound feedback and alternative solutions for security risk mitigation
- Validate and ensure adequate feedback is provided on behalf of the security organization (Info Sec, IT Security, Physical Security, Security Operations Center) to internal/external auditors, regulatory bodies and other entities as applicable
- Seek concurrence from the Non-Financial Risks and Compliance Committee and keep the relevant Committees updated with the overall Security Risk Rating of the bank to assist in better-formed decisions and security strategy planning
- Report Security risks, compliance and controls dashboards and exceptions to Non-Financial Risks and Compliance Committee and other relevant committees as required
- Communicate with Senior Management for any needed clarifications or highlighting security risks that require more organizational; awareness and action, through the relevant committees or individually
- Work closely with Security Operations Centre to ensure aspects of Information Security Risk, Control and Compliance that require continuous monitoring are adequately embedded within the day-to-day SOC operations
- Ensure the annual maintenance of the PCI-DSS certification to keep the card holders' data secured against cyber-attacks
- Ensure the annual compliance with the CBE Regulations, SWIFT CSP requirements and International Information Security and Business Continuity Management ISO 27001 standards, to prevent security breaches
- Handle and manage exceptions and escalations, to ensure proper support and alignment is in place between Information Security Management and the different stakeholders
Employment Type
Full Time
Department / Functional Area
Key Skills
Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.
