• To provide strategic direction and ensure objectives are achieved using agreed organizational resources, while monitoring the success and failure of the enterprise security program
• Work closely with IT to secure information and develop strategies to minimize the variety of risks that the Bank may be vulnerable to

• Effectively update approved policies as well as communicate to relevant stakeholders.
• Anchor information security awareness within the group and the bank at large.
• Maintain and manage risk and asset registers.
• Closely monitor Group projects to ensure they are successful and executed in a timely manner.
• Monitor Group programs to ensure that the budgets assigned to the programs are not exceeded.
• Act as Librarian for the group to ensure all documents are securely stored and readily available.
• Seeks to achieve required standards (legislative, regulatory, contractual obligations).
• Ensure work-life balance for group members through trainings, leave plan, shift calendar and welfare management.
• Provide strategic direction that ensures objectives are achieved hence guaranteeing the success of enterprise security programs.
• SLA management and project management liaison.
• Embark on continuous staff development, Staffing and general people management of the team
• Manage information risk to an acceptable level to meet the business and regulatory compliance requirements of the bank.
• Ensure that risk assessments, vulnerability assessments, threat analyses and penetration testing are conducted periodically and consistently to identify risk to the organization’s information assets.
• Perform information system security vulnerability scanning to discover and analyze vulnerabilities and characterize risks.
• Recommend appropriate remedial actions to mitigate risks and follow up on control measures to ensure it’s done.
• Participate in post incident reviews and analysis to determine the root cause of information security incidents, develop corrective actions, reassess risk, evaluate response effectiveness and take appropriate remedial actions.

Education:
A good first degree in any discipline. Relevant Master’s degree will be an advantage

Experience:
Minimum of 3 years in banking/financial services with experience in banking operations and information security/ risk analysis

Certification(s):
Certifications in Business Continuity Professional (CBCP), Certified Business Resilience IT Professional (CBRITP), or Certified Disaster Recovery Engineer (C)DRE are a big plus. ITIL and IT certifications and other professional qualifications will be an added advantage

Skills/Competence:

• Good knowledge and understanding of banking Policies and control procedures.
• Process management and document skills
• Understanding of business and Information security administration
• Good accounting skills
• Good understanding of the Information Governance Framework
• Regulatory knowledge and background in Information Security / Controls.
• Good knowledge and understanding of banking/ IT operations
• Process management and documentation skills
• Understanding of business and IT strategy administration
• Regulatory knowledge
• Ability to work across a globally distributed team network
• Proficiency in Microsoft Office with emphasis in Word, Excel and Power BI
• Ability to maintain confidentiality
• Strong and effective stakeholder management skills
• Good numerical or analytical skill
• Good communication skill (Oral & Written)