Job Role: Systems Security Management Officer
Responsible for ensuring that guidelines for security in projects are met . Also ensure network security risk, application security (e.g. pen testing), Data base & Asset risk mgt. protection & review. The Systems Security Management officer will also engage in all activities pertaining to information and cyber risk assessment and ensure response strategy are properly implemented while also making sure that security vulnerabilities as well as incidents are managed proactively to prevent or minimize disruptions to business activities in case of possible security breaches.
• Academic/Professional: Bachelors’ Degree or master’s in computer science, programming, Information Security/Information Technology, Electrical/Electronic Engineering or Computer Engineering/Information Systems Management or related field
Work Experience: Experience in information security, business continuity and data privacy. Experience with security testing and tech
- Ensure a proactive information security and cyber security risk assessment is carried out in line with the requirements of the business as well as the best practices.
- Ensure a robust risk response plan is established to address potential information / cyber threats across the 3 Lines of Defence.
- Define security architecture design requirements, controls and provide expert advice for all projects.
- Ensure implemented security architecture design, requirements and controls meet applicable policies and standards in all projects.
- Ensure the appropriate scanning technologies are configured and maintained.
- Review and validate security tools implemented by the first line.
- Run and analyse vulnerability and compliance scans to support vulnerability management.
- Responsible for performing vulnerability assessment and penetration testing on a regular basis.
- Monitor the company’s digital presence and ensure all digital presence requirements are maintained.
- Support the management of all digital and technical assets.
- Define business requirements (e.g., regulatory…) for information security operations, define use case, configure, maintain, implement.
- Ensure that a robust threat intelligence program is put in place.
- Ensure security event and cyber threat monitoring, analysis and reporting including documentation and mitigation of discovered cyber risks.
- Ensure that cyber incident response team and underlying processes are in place and security incidents are managed effectively.
- Responsible for maintaining the Security Operation Centre (SOC)
- Perform monitoring of operational activities done (security monitoring)
- Follow up and ensure remediation of the alerts from security event monitoring (malware analysis, threat hunting, alerts from security systems…) and management of security devices (AV, proxy, email gateway, FW, network devices, etc.) by IT
- Evaluate & ensure remediation of security lapses in new technology or product before they are deployed.
- Have a good knowledge of business risks associated with common security vulnerabilities and be able to effectively communicate same to application developers, Infrastructure & Network Team and/or senior managers effectively.
- Collaborate with and support the Group Information Security Practice, Local CISO/CSO and other stakeholders as necessary to ensure that information security within Company is relevant, cost-effective and is delivered in accordance with the Group Information Security Strategy
- Promote a culture of information security and raise awareness.
- Stay current on IT security trends and news and proactively hunt for potential threat actors on the network.
Required Skills and Competencies
- A forensic approach to challenges
- Analytical Skills/ Problem solving
- Interpersonal Skills
- Verbal & Written communication skills, including presentation skills with an ability to communicate with a range of technical and non-technical team members and other relevant individuals.
- Time management and organisational skills to manage a variety of tasks, prioritise workload and meet deadlines while providing high quality and timely products.
- Demonstrate the ability to learn and apply critical thinking to a variety of situations.
- Ability to work as part of a team and build strong relationships with staff and other relevant individuals.