Head of Information Security - Banking

JOB DESCRIPTION / ROLE

Employment: Full Time

Role Statement

• To provide proactive security analysis, develop robust security architecture and ingrain security awareness into the Bank’s environment ensuring the confidentiality, integrity and availability of the bank’s information.

Key Objectives

• Enhanced and robust security posture of the bank
• Complete and well documented Information security policies, standards, guidelines and procedures
• Certified Compliance to the best industry practices and international security standards
• Effective Information Security awareness programs
• Effective security assessment process including Vulnerability management, Risk management, configuration compliance
• Implementation of an effective Security Incident Management process

Principal Responsibilities

• To develop, implement, maintain, and oversee enforcement of Information Security policies, procedures and standards based on industry-standard best practices.
• To design and implement a reporting mechanism on security systems and end user activity audits.
• Recommend, schedule, and perform security improvements, upgrades, and/or purchases.
• To contribute to the planning and development of Information Security training and awareness programs across the Bank
• To establish annual budget plan in terms of the Bank’s information security activities.
• Coordinate and direct the development, management approval, implementation, and promulgation of objectives, goals, policies, standards, guidelines, and other requirements needed to support information security throughout the Bank as well as within the Bank’s business networks.
• Coordinate with the Information Security units of all the Bank’s entities to guide and ensure a common Information Security Framework across the Bank.
• Act as the primary liaison and decision-maker regarding the work of information security consultants, contractors, and outsourcing firms.
• Manage the Bank’s periodic risk assessments that identify current and future security vulnerabilities, determine what level of risk is acceptable to management, and identify the best ways to reduce information security risks to this acceptable level and notify management of residual risks.
• To advise on and recommend security features for IT hardware architecture and infrastructure requirements for various information systems.
• To design and/or oversee external penetration testing of all systems in order to identify system vulnerabilities.
• To ensure that the logs of critical systems are reviewed regularly.
• Conduct research on emerging products, services, protocols, and standards in support of security enhancement and development efforts.
• Participate in the Bank’s internal activities pertaining to the investigation, correction, prosecution, and disciplinary action needed for the resolution of information security breaches, violations, and incidents.
• Manage the Bank’s periodic information risk assessments that identify current and future security vulnerabilities, determine what level of risk is acceptable to management, and identify the best ways to reduce information security risks to this acceptable level and notify management of residual risks.
• Establish and maintain strong working relationships with the Bank’s departments/groups involved with information security matters (Legal, Internal Audit, Physical Security, Information Security Management Committee, etc.)
• Act as the central point of contact within the Bank when it comes to all communications dealing with information security incidents, issues, and concerns.
• Initiate and manage special projects related to information security which may be needed to appropriately respond to ad-hoc or unexpected information security events.
• Act as the central point of contact within Group IT for all communications dealing with Internal Audit issues and ensuring appropriate mitigation/closure of all information security incidents, issues and concerns.
• To plan and implement the security procedures needed across the Bank to meet the requirements set in International Standard Certifications, e.g., ISO, PCI DSS, etc.

REQUIREMENTS

• Minimum Education Level/Discipline: Graduate (Science); certifications like CISSP, CISM, CISA
• Mandatory professional qualifications/licenses: CISSP/CISM/CISA
• Required experience in terms of region/industry/business/function/role: 8-10 years’ experience in managing Information Security across the banking/financial sector

ABOUT THE COMPANY

Building businesses, changing lives

At Tandem, we’ve built a vast network of top-tier professionals across the globe. We empower businesses to thrive by delivering unmatched talent solutions. With our global reach, collaborative approach, and unwavering commitment to excellence, we drive transformative growth and shape exceptional teams.

Who we are.

We are a team of industry experts, driven by a passion for innovation and excellence. We are dedicated to providing unique talent solutions and nurturing collaborative partnerships that redefine success.
