The incumbent’s duties include, among others:
- Carry out technical vulnerability assessments of IT systems and processes, identify potential vulnerabilities and recommendations to control any risks identified.
- Respond rapidly and effectively to IT security incidents, managing them in a professional manner including computer forensics for evidence gathering and preservation.
- Responsible for the coordination of regular Information Security Reviews in the business
- Develop and maintain Information security policy, procedure and programs.
- Analyse information protection technologies and processes to identify technology security weaknesses.
- Monitor the organization’s networks for security breaches and investigate violations.
- Design, implement and maintain the organization’s cyber-security plan.
- Develop and direct implementation of security standards and best practices for the organization.
Qualifications
- Degree in Information Systems, Computer Science or equivalent
- Relevant vocational qualification.
- An MBA would be an added advantage.
- Certification in information security (CISSP, CSSLP, CCFP, CISM, etc.)
- Understanding of information security principles and best practice (e.g., ISO27001 and ISF Standards of Good Practice for Information Security)
- Risk analysis/assessment experience a plus.
- Good oral and written communication skills.
- 4 to 6 years of experience in a senior management role