Vacancy title:
Head Information Security
Jobs at:
Ecobank UgandaDeadline of this Job:
Wednesday, August 23 2023
Summary
Date Posted: Wednesday, August 16 2023, Base Salary: Not Disclosed
JOB DETAILS:
Job Description
Key Responsibilities
• To Act as a Head of Information Security and represent the wider Group Information security strategies at the affiliate level.
• Serves as an Internal Information Security Consultant to the Bank
• Monitors compliance with information security policies and procedures, referring exceptions to Country Head of Operations & Technology and the CISO.
• Works closely with Group Security to implement security initiatives for the affiliate on behalf of Ecobank Group
• Liaises with regulatory agencies to address the banks security and compliance issues
• Liaises with contractors and service providers to ensure that all activities are in line with the Banks Information Security Policy
• Provides direct Information Security Awareness training and oversight to all employees, and other third parties, ensuring proper information security clearance in accordance with established bank information security policies and procedures
• Initiates, facilitates, and promotes activities to create information security awareness within the Bank
• Develop and implement an ongoing risk assessment program targeting information security and business systems. Recommend methods for vulnerability detection and remediation.
• Perform information security risk, vulnerability assessments and serves as an internal assessor for security issues
• Develop and implement an incident reporting system to address security incidents, respond to alleged policy violations from staff, contractors and external parties
• Provides guidance and direction for the physical and logical protection of Information Technology resources to other functional systems
• Reviews all system-related security plans throughout the bank's network
• Conducts investigations on security breaches, report findings and make recommendations to Executive Management
• Monitors the internal control systems to ensure that appropriate access levels are maintained
• Serves as a coordinator of the Banks Business Continuity and Disaster Recovery Plan
• Reviews security logs on critical servers and communicate exceptions to Executive Head, IT and Operations
• Establishes a reporting process to ensure that Executive Management is kept appraised of the effectiveness of Information Technology Security and problem resolution.
• Be a local champion at the affiliate level for Business Continuity Management, Disaster Recovery and Crisis Management.
• Perform any other duties assigned by Supervisor
• Design, implement, and maintain the overall affilaite Data Protection & Privacy program.
• Determines data protection & privacy compliance requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying personally identifiable data ; and conducting data mapping.
• Promote privacy by design and conduct privacy impact assessments to meet compliance specifications and timelines as the business processes sensitive or personal data
• Measure and report on business operations compliance with various Data Protection Acts, especially with General Data Protection Regulation (GDPR).
• Design and enforce risk mitigation cases and highlight any high risk practices and activities to senior management.
• Work with the Information Security Manager to implement agreed data security policies and ensure relevant monitoring is in place to protect against and check for potential data breaches
• Prepares system security reports by collecting, analyzing, and summarizing data and trends.
• Articulates the business benefits of data protection & privacy initiatives to stakeholders ensuring support and buy-in, delivering those initiatives to planned timescales and costs
Job Profile
Experience & Qualifications
• Bachelor’s degree or Industry Certified Security Professional Certification.
• Relevant Security Experience, at least 5 years in Information Security field.
• Experience of Managing Projects
• Experience of Managing Team’s Performance
Skills, Capabilities & Personal attributes
• Familiarity with industry standards, guidelines and regulatory compliance requirements related to information security, Data protection and privacy and cloud computing such as ISO 27001, Cloud Security Alliance (CSA), NIST 800-53, PCI DSS, GDPR, SSAE16 and SABSA etc.
• Ability to work in a Multicultural Environment
• Proven track record of achieving results and managing teams.
• Ability to build rapport with VPs and Cluster/Regional Managers
• Constructively manage all stakeholders and break barriers
• Ability to build and lead effective and successful teams
• Analytical thinker combined with skills of thinking outside the box
• Ability to effectively use technology to leapfrog the competition
• Withstanding pressure without it having effect on efficiency or quality
• Open to change and ability to create and drive change
• Ability to deal with ambiguity and a changing environment
• Strong analytical and diagnostic skills
Work Hours: 8
Experience in Months: 24
Level of Education: Bachelor Degree
Job application procedure
Interested applicants?Click here to apply
All Jobs
Join a Focused Community on job search to uncover both advertised and non-advertised jobs that you may not be aware of. A jobs WhatsApp Group Community can ensure that you know the opportunities happening around you and a jobs Facebook Group Community provides an opportunity to discuss with employers who need to fill urgent position. Click the links to join. You can view previously sent Email Alerts here incase you missed them and Subscribe so that you never miss out.