
Information Security Manager

Division: Risk Management Division
Department: Information Security Department

Job Summary:
Design, create and plan the information security program and the risk and compliance activities (GRC). Define, create, implement and maintain Bank-wide information security policies and procedures, while being responsible for designing, leading, planning and overseeing the successful execution of ISO 27001 programs, 31000 risk management and approved policies.

Duties & Responsibilities:
– Develop a corporate-wide information security program, policies and procedures, as well as the necessary structure, processes and tooling for ongoing compliance and enforcement
– Manage the overall security audits within the Bank by following the approved security policies
– Effectively communicate technical issues to diverse audiences, both in writing and verbally
– Update security controls and provide support to all stakeholders on security controls covering internal assessment, regulation, protection of personally identifiable information and the Payment Card Industry Data Security Standard (PCI DSS)
– Implement processes such as GRC to automate and continuously monitor information security controls and create GRC reports
– Manage MIS trackers, reports and dashboards for the management
– Manage information security risk assessments against industry-standard security frameworks/policies for IT/IS risks
– Maintain and develop security policies including administrative, personnel security, physical safeguards, technical security, and transmission security
– Oversee and assist in performing ongoing security monitoring and audits within the bank’s information systems and network activities
– Evaluate and recommend new information security technologies and countermeasures against threats to information or privacy
– Participate in information security related initiatives and projects as assigned or other duties as assigned
– Ensure alignment with regulatory and compliance frameworks
– Help and advise the IS/IT department to stay up-to-date on the latest security issues and threats

Minimum Qualifications & Experience Required:
– Minimum 6 years of related work experience
– Bachelor's degree in Information Security/IT or equivalent
– Preferred Professional Information Security Certification or equivalent
– ITIL v3 (Information Technology Infrastructure Library)
– ISO/IEC 27001:2013 Lead Implementer
– ISO/IEC 27001:2013 Lead Auditor
– CEH (Certified Ethical Hacker)
– CISM (Certified Information Security Manager)
– CISSP

We are no longer accepting applications for this ad. Contact us for more details.