To provide IT security services to the IT Department/Bank and in so doing ensure that all IT security policies and controls are in place for adequate logical and physical access as per Group guidelines. To review all user access requests in conjunction with Teams prior to the granting thereof. To implement appropriate practices and solutions to ensure the Bank remains secure. To follow-up on all audit issues. The holder of the role shall also focus on protecting the bank against various cyber-attacks. In addition, the role will be responsible for ensuring application and data level security controls are in place and effective.
- Working within group standards, ensure that all IT security policies, processes and controls are in place and that all local country IT security requirements are updated/incorporated into and aligned to Group IT security guidelines
- Monitor full adherence to Group security practices/protocols/standards/guidelines as well as industry practices and best practices.
- Review Security policy and applicable processes/procedures as directed by Manager, Technology Risk & IT Security.
- Monitor and maintain the security of the Bank’s IT equipment by overseeing the proper controls for physical security and that loading of end-point security agents (Antivirus, Patch, firmware, detection tools, prevention tools, etc) as deployed by the organisation, remain up-to-date and that corresponding management and distribution tools are fully functional.
- Ensure appropriate encryption mechanism are in place to safeguard information at rest and while in transit
- Monitor and maintain the perimeter security and activity tools including firewalls, intrusion prevention and detection systems in place.
- Manage and monitor controls and the tools that shield the Bank from Cybersercurity threats and the internet
- Drive and participate in exercises to gauge the readiness and assess the responsive capabilities of the Bank from CyberSecurity threats
- Drive awareness campaign to sensitize staff on all security aspects relating to technology.
- Report and track security breaches and ensure that any known and substantive security gaps are dealt with swiftly.
Preferred Qualification and Experience
- A Bachelor’s Degree in Computer Science, Information Technology or related fields
- CCNA / CCNP /MCSE 2012 / CISM / CISSP / SSCP etc. would be beneficial
- Certification/Active Membership of a professional organisation will be an added advantage.
- At least four years’ experience in any of the following areas: IT security, Infrastructure, Technical, support, Systems Administration, Applications support, Electronic Banking/Channels Support, Programming, Database Administration, Systems Analysis
- At least three years supervisory experience
- Knowledge of Banking & Financial Services business
- Knowledge of IT Risk Management
- Knowledge of IT Applications
- Knowledge of Information Security
- Technically competent with broad knowledge of systems management/development/implementation methods and user support at the second level