INFORMATION SECURITY GOVERNANCE Officer

Job Description

Key Responsibilities:
 

• Implement the information security governance structure of the Bank 
• Establish, maintain, and enforce security policies, standards procedures, and guidelines 
• Develop, implement, and deliver security awareness programs 
• Recommend appropriate security measures from a strategic perspective
• Set rules on Postilion Navigator · Maintain the ISG portal · Assist in PIN, upload activities and resolution of related issues/complaints
• Prepare monthly Information Security Report for Management 
• Collate and analyze Information Security Metrics 
• As an employee of the Bank, you are required to abide by the GIMS standards as relates to the three (3) standards ISO 20000, 27001 and 22301 · Enforcing logical security at the various layers of the Bank’s IT infrastructure (network, database, application, and operating system layer) 
• Provide input for security awareness based on identified risk in user management activities 
• Ensure security of all Information entrusted to the staff 
• Ensure compliance with information security principles and policies located in the Bank's intranet knowledge portal 
• Creation of new security policies on NAC 
• Daily review of compliance to security rules on NAC · Review of effectiveness and fine-tuning of existing security rules. · Operating systems risk assessment 
• Administration and Maintenance of mail Cloud APP Security solution. 
• As an employee of the Bank, you are required to abide by the GIMS standards as relates to the three (3) standards ISO 20000, 27001 and 22301 If appointed as a GIMS champion for your business unit, you are required to carry out the assigned responsibilities as defined in the GIMS standards and responsibility manual with well outlined KPIs for each appraisal year

Required Skills:

• Knowledge of global best practices as it concerns global best standards 
• Vast in secure configuration standards for Microsoft, oracle and other 3rd party products 
• Good presentation skills 
• Sound knowledge of cryptography and key management · Good secure configuration of network devices 
• Leadership & people management skills 
• Good understanding of security essentials · In-depth knowledge of windows applications and OS 
• Good report writing skills 
• Knowledge of Key Management/KP

Qualifications:

• First degree (B.Sc.) 
• Any two relevant professional certification(s)
• Certified information systems security professional (CISSP) 
• Certified Information Systems Auditor (CISA) 
• Certified Information Security Manager (CISM) 
• Certified in Governance of Enterprise IT (CGEIT) 
• A master's degree will be an advantage