SENIOR INFORMATION SYSTEMS SECURITY OFFICER

Job Purpose

The role is responsible for assisting with the day-to-day operations of securing various bank information systems and maintaining security solutions, instilling security by design practices within the bank that have been deployed, and ensuring that existing and new bank systems, products, and technology are designed, developed, deployed, and managed with an emphasis on strong, effective security and risk management controls.

Key Duties and Responsibilities

• Overseeing and implementing the bank’s cyber security program and enforcing the cyber security/framework. 
• Support administration, optimization, and support of the Bank’s Technical security solutions, including perimeter email, cloud, network, endpoint, and data security solutions in compliance with the Bank’s policies and standards.
• Ensuring the bank maintains a current enterprise-wide knowledge base of its users, devices, applications, and their relationships. 
• Ensuring the information systems meet the needs of the bank, in particular information system, development strategies, enterprise risk management framework, risk appetite, and ICT policies. 
• Design cyber security controls with consideration of all users at all levels of the organization including internal customers and third-party users/external users. 
• Work in collaboration with appropriate stakeholders to ensure staff and vendors’ access to our systems is secure has the necessary controls in place, and devices are fully operational and secure.
• Organizing professional cyber-related training to improve the technical proficiency of staff. 
• Conduct regular and comprehensive cyber risk assessments that consider people (i.e. employees, customers, outsourcing, and other external parties) processes, data, and technology 
• Ensure timely updates of the incident response mechanism and business continuity plan (BCP) based on the latest cyber threat intelligence gathered. 
• Ensure frequent data backup of critical IT systems (e.g. real-time backup of changes made to critical data) is carried out to a separate storage location.   
• Ensure the roles and responsibilities of managing cyber risks, including in emergency or crisis decision-making, are clearly defined, documented, and communicated to relevant staff. 
• Continuously test disaster recovery and Business Continuity Plans (BCP) arrangements to ensure that the bank can continue to function and meet its regulatory obligations in the event of unforeseen attacks through cybercrime.
• Research and provide technical security expertise in the Cyber Security Environment.

Job Requirements and Experience

• Bachelor’s Degree in Computer Science or IT, Information Systems or related field;
• Masters degree in Computer Science or IT, Information Systems, or a related field is an added advantage;
• Four (4) years of relevant working experience;
• Skills: Risk management, Reporting, Information security, System and network security, Testing and debugging, IT support;
• Professional qualifications in any of the following: CISA/CISM/CRISM/ CEH/ CISSP/ MCSE/MCITP/CCNA/Project Management Certification; SSCP; CompTIA Security+; OSCP.
• Member of a relevant professional body;
• Supervisory training or courses. 
• Meets the provisions of chapter six of the constitution;

Competencies and Skills

• Strong communication and presentation skills
• Good analytical skills
• Problem-solving 
• Professionalism

To Apply

Interested and suitably qualified individuals should forward hard copies of their applications, enclosing copies of their academic and professional certificates, detailed CV indicating work experience, contacts, and addresses of 3 professionally relevant referees by close of business on 21st February 2025.   Use the email [email protected].  Only shortlisted candidates will be contacted.