Chief Information Security Officer
Job Details
permanent
Dar es Salaam, Dar-Es-Salaam, Tanzania
CVPeople Tanzania
20.12.2023
Full Job Description
JOB PURPOSE
The Chief Information Security Officer (CISO) is the head of IT security operations, driving the IT security strategy and implementation forward while protecting the business from security threats and cyber-hacking.
Responsibilities
- Develop and implement the company's Cyber Security program and enforce the security policy.
- Ensure that the company maintains a current enterprise-wide knowledge base of its devices, applications, and their relationships, including but not limited to: 1. Software and hardware asset inventory; 2. Network maps (including boundaries, traffic, and data flow); and 3. Network utilization and performance data.
- Ensure that information systems meet the needs of the company and the ICT strategy, in particular information system development strategies, comply with the overall business strategies, risk appetite, and ICT risk management policies of the institution.
- Design Cyber Security controls with the consideration of users at all levels of the organization, including internal (i.e. management and staff) and external users (i.e. contractors/consultants, business partners, and service providers).
- Organize professional cyber-related training to improve the technical proficiency of staff.
- Ensure that regular and comprehensive cyber risk assessments are conducted.
- Ensure that adequate processes are in place for monitoring IT systems to detect Cyber Security events and incidents on time.
- Report to the CEO / CRO on an agreed interval but not less than once per quarter on the following:
  1. Assessment of the confidentiality, integrity, and availability of the information systems in the Bank.
  2. Detailed exceptions to the approved Cyber Security policies and procedures.
  3. Assessment of the effectiveness of the approved Cyber Security program.
  4. All material Cyber Security events that affected the company during the period.
- Ensure timely update of the incident response mechanism and Business Continuity Plan (BCP) based on the latest cyber threat intelligence gathered.
- Incorporate the utilization of scenario analysis to consider a material cyber-attack, mitigating actions, and identifying potential control gaps.
- Ensure frequent data backups of critical IT systems (e.g. real-time backup of changes made to critical data) are carried out to a separate storage location.
- Ensure the roles and responsibilities of managing cyber risks, including in emergency or crisis decision-making, are clearly defined, documented, and communicated to relevant staff.
- Continuously test disaster recovery and Business Continuity Plan (BCP) arrangements to ensure that the company can continue to function and meet its regulatory obligations in the event of an unforeseen attack through cyber-crime.
Requirements
Knowledge and Experience
- University degree in Computer Science and other ICT-related courses.
- Certified Information Security Manager (CISM)
- Certified Information Systems Security Professional (CISSP)
- At least 5 years working experience in Business/IT Applications support
- Familiarity with service delivery culture and support function.
- A structured approach to dealing with complex and variable work environments in an independent manner.
- Ability to balance opposing business requirements.
- Ability to balance long term and short term requirements independently
- Strong evaluation, communication and reporting skills
- Able to provide advice and cause/effect evaluation to support business decision making
- Independent and logical thinker, yet an achiever and implementer
- Strong ethic.