Strategic Importance of this Role to the Company:
The constant threat and impact of cybersecurity incidents is felt throughout the digital world. As a financial institution, we have the responsibility to protect against both the compromise of personal and financial information as well as the compromise of financial systems. Being a financial institution makes the Company an attractive target of attack. It is imperative that Company maintains a deep understanding of the world of cybersecurity, current cybersecurity affairs and events, protects its ICT systems with the latest technology and standards as well as implements stringent information and cybersecurity controls.
The Information Security Manager is responsible for securing the institutions information systems and data. They oversee the introduction and execution of all security operations and procedures. The Information Security Manager leads and grows the IT Security team and manages the projects undertaken by the team.
Duties and responsibilities in this position are:
- Define and maintain the cybersecurity strategy for the organization establishing the risk appetite, states, phases of maturity and implementation plans.
IT Security and Risk Management Program
- Operate a comprehensive IT security and risk management program comprising policies, procedures, governance and controls, security operations,
Manage and grow the IT Security team
- Recruit and develop the members of the Information Security team. Manage daily operations and monitor the performance of the team members. Distribute tasks and responsibilities amongst the team members.
Plan and Manage Technical Projects
- Plan and oversee the introduction of new tools, technologies and processes. Manage the implementation, definition and introduction of operating procedures, training of staff and transition into an operational state.
Current affairs, industry trends and threats
- Continually research, monitor and assess developments in the industry and global environment to understand new products and innovations, evolving threats and vulnerabilities and modern control techniques
- Handle IT security audits and requests for data from regulators, audit firms and card schemes.
Security Incident Management
- Own the information security incident management process, handling investigations, remediation, and reporting.
Execution of Security Operations
- Define, oversee, and monitor the information security operations including, but not limited to, event analysis, threat monitoring, access control and security awareness training
- A minimum of seven years of IT experience, with five years in an information security role
- A bachelor's degree in information systems or equivalent work experience
- Exhibit excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives.
- Project management skills: financial/budget management, scheduling and resource management.
- Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals.
- A strong understanding of the business impact of security tools, technologies and policies.
- Strong leadership abilities, with the capability to develop and guide information security team members and IT operations personnel, and work with minimal supervision.
- Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively across the organization.