Job Purpose

To support the organization in safeguarding its information assets by monitoring security systems, identifying and mitigating cyber risks, and ensuring compliance with IT policies and standards. The role is critical in maintaining a secure technology environment, investigating incidents, and promoting security awareness across the organization.

Responsibilities or duties

Under the supervision of the Chief Information Security Officer (CISO), the following are among the Job key Responsibilities:

Security Monitoring & Incident Management

• Continuously monitor security systems and networks for anomalies or breaches.
• Investigate security incidents, perform root cause analysis, and recommend corrective actions.

Policy & Compliance

• Review and ensure adherence to IT policies, standards, and procedures.
• Maintain and update documentation related to security protocols.

Risk Reporting

• Prepare and submit monthly Information Security and Cyber Risk reports to management.

Vulnerability Management

• Assist in tracking and closing vulnerabilities identified through assessments and penetration tests.

Awareness & Training

• Provide support for security awareness programs to strengthen organizational resilience.

Continuous Improvement

• Stay informed on emerging trends and developments in information and cyber security to recommend improvements.

Other Duties

• Undertake assignments as directed by the Chief Risk Officer.

Qualifications or requirements (e.g., education, skills)

REQUIRED SKILLS AND ATTRIBUTES

• Data Analytical skills.
• Decision making.
• Strategic planning and implementation abilities.
• Understating of Information Security
• Good interpersonal communication and negotiation skills.

Experience needed

QUALIFICATIONS AND EXPERIENCE

• Degree in a Computer Science /Technology-related field required.
• A Masters in any of the above fields will be an added advantage.
• Must have Professional Security Management Certification (CISM, Security +, CISSP) and other relevant certifications.
• Minimum of 5 years of experience in a combination of Risk Management, Information Security and IT jobs.
• Knowledge of common information security management frameworks.

• Continuously monitor security systems and networks for anomalies or breaches.
• Investigate security incidents, perform root cause analysis, and recommend corrective actions.
• Review and ensure adherence to IT policies, standards, and procedures.
• Maintain and update documentation related to security protocols.
• Prepare and submit monthly Information Security and Cyber Risk reports to management.
• Assist in tracking and closing vulnerabilities identified through assessments and penetration tests.
• Provide support for security awareness programs to strengthen organizational resilience.
• Stay informed on emerging trends and developments in information and cyber security to recommend improvements.
• Undertake assignments as directed by the Chief Risk Officer.

• Data Analytical skills.
• Decision making.
• Strategic planning and implementation abilities.
• Understating of Information Security
• Good interpersonal communication and negotiation skills.

• Degree in a Computer Science /Technology-related field required.
• A Masters in any of the above fields will be an added advantage.
• Must have Professional Security Management Certification (CISM, Security +, CISSP) and other relevant certifications.
• Minimum of 5 years of experience in a combination of Risk Management, Information Security and IT jobs.
• Knowledge of common information security management frameworks.