Chief Information Security Officer - BFS

CISO Responsibilities & Duties :

- Direct and approve the design of security systems;

- Ensure that disaster recovery and business continuity plans are in place and tested;

- Design, review and approve security policies, controls and cyber incident response planning;

- Design, review and approve identity and access policies;

- Managing security audits and vulnerability and threat assessments, and directing responses to network or system intrusions;

- Review investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities;

- Detecting and preventing intrusion;

- Maintain a current understanding the IT threat landscape for the industry;

- Ensure compliance with the changing laws and applicable regulations;

- Translate that knowledge to identification of risks and actionable plans to protect the business;

- Schedule periodic security audits;

- Oversee identity and access management;

- Make sure that cyber security policies and procedures are communicated to all personnel and that compliance is enforced;

- Manage all teams, employees, contractors and vendors involved in IT security, which may include hiring;

- Provide training and mentoring to security team members;

- Constantly update the cyber security strategy to leverage new technology and threat information;

- Brief the executive team on status and risks, including taking the role of champion for the overall strategy and necessary budget; and

- Communicate best practices and risks to all parts of the business, outside IT.

- Reviewing, implementing, updating and documenting institute wide information security policies and procedures

- Ensuring fulfillment of legal and contractual information security and privacy mandates, including providing executive management with compliance reports and audit findings

Candidate must have :

- Successful candidates should have a strong technical background in systems and network security, along with excellent interpersonal and leadership abilities.

- Superior analytical and problem-solving skills, as well as exceptional written and verbal communication skills, are also essential.

- It is important that candidates keep abreast of industry security trends and developments, as well as applicable government regulations.

- Graduate with five or more years of systems and network security experience. One or more years of managerial experience may also be required. Industry certifications such as the Certified Information Systems Security Professional (CISSP) or the Comp TIA Security+ are added advantage

- Providing leadership, guidance and training to information systems security personnel