Job Title: Information Security Officer
Position Type: It is a contract position until March 2022
The position is located in Tanzania, with the option of working remotely from current location.
Job Description:
The Information Security Officer serves as the process owner of all assurance activities related to the availability, integrity, and confidentiality of customers, business partners, employees, and business information in compliance with the organization’s and regulator information security policies. A key element of the role is working with management to determine acceptable levels of risk for the organization. The technology security, risk, and governance officer are responsible for IT security, driving the IT security strategy and implementation forward whilst protecting the business from security threats and cyber-hacking, including operational compliance to all ISO and other standards and regulations. This position is responsible for establishing and maintaining a corporate-wide information security management program to ensure that information assets are adequately protected.
Job Purpose:
- The main purpose of this function is to ensure that organization’s computers, networks, and data are protected against threats, such as security breaches, computer viruses, or attacks by cyber-criminals.
The day-to-day duties:
- Creating and implementing a strategy for the deployment of information security technologies
- Performing IT security risk assessments and reporting on ways to minimize threats
- Monitoring security vulnerabilities and hacking threats in network and host systems
- Tracking latest IT security innovations and keeping abreast of the latest cybersecurity technologies
- Ensuring IT business continuity and DR capabilities
- Communicating with key stakeholders about IT security threats
- Implementing an effective process for the reporting of security incidents
- Overseeing the investigation of reported security breaches
- Developing strategies to handle security incidents and trigger investigations
- Managing the IT security team, security experts, and advisors
- Complying with the latest regulations and compliance requirements
- Championing and educating the organization about the latest security strategies and technologies
- Ensure that all IT audits/observations are closed within agreed timelines
Key responsibilities:
- Managing the daily operation and implementation of the IT security strategy
- Conducting a continuous assessment of current IT security practices and systems and identifying areas for improvement
- Running security audits and risk assessments
- Delivering new security technology approaches and implementing next-generation solutions
- Overseeing the management of the IT security department, giving leadership to the team, and developing staff
- Ensuring compliance and governance is met
- Driving change projects and building new IT capabilities
- Developing and implementing business continuity plans to ensure service is continuous when a change program is introduced or a security breach occurs or in the event that the disaster recovery plan needs to be triggered
- Devising strategies and implementing IT solutions to minimize the risk of cyber-attacks
- Ensure IT compliance with audit observations
- Identifying vulnerabilities in our current network.
- Developing and implementing a comprehensive plan to secure our computing network.
- Monitoring network usage to ensure compliance with security policies.
- Keeping up to date with developments in IT security standards and threats.
- Performing penetration tests to find any flaws.
- Collaborating with management and the IT department to improve security.
- Documenting any security breaches and assessing their damage.
- Educating colleagues about security software and best practices for information security.
Essential Skills:
- Digital leadership skills – capable of empowering and leading an IT team to meet business and IT security goals
- Solid people management skills – providing direction, monitoring performance, motivating staff, and building a positive working environment
- Ability to adapt to a fast-moving IT landscape and keep pace with the latest thinking and new security technologies
- A passion for technology and security safeguarding with a desire to deliver
- Thrives on change, showing an impressive ability to drive the IT security strategy forward
- Analytical mind capable of managing numerous information sources and providing data analysis reports to senior management
- Strong customer focus – able to meet the demands of internal and external customers
- Excellent communication skills – providing verbal and written communication that is outstanding to both direct reports and senior management as well as other stakeholders
- Flexible and adaptable – capable of changing direction where required and showing flexibility to meet new demands
- Forms business partnerships that help drive the IT security strategy forward
- Can make decisions that are well informed and timely
- Creative thinking – able to look at alternatives and consider new ways of thinking to problem solve
- Multi-tasking – can manage several concurrent projects and prioritize demands
Qualifications Requirements:
- A Bachelor’s degree in computer science or a qualification in a related subject
- Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST
- Professional information security certification.
- Experience in an information security role.
- Solid knowledge of various information security frameworks.
- Excellent problem-solving and analytical skills.
- Ability to educate a non-technical audience about various security measures.
- Excellent written and verbal communication skills and a high level of personal integrity
Relevant experience:
- Proven IT security experience in banking or telecommunications industries
- Knowledge of the latest IT thinking and threat modeling methods together with a creative drive
- Change management and business process experience with a proven track record of driving large-scale change programs
- Experience in managing a team
- A proven record of dealing with complex projects and meeting conflicting demands
- Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams
- Experience with contract and vendor negotiations and management including managed services
- Specific experience in Agile (scaled) software development or other best in class development practices
- Experience with Cloud computing/Elastic computing across virtualized environments.
Desired Skills:
- Cloud
- Agile
- ISO
- NIST
- Cyber Security
- Governance
- Risk
- Security Risk
Desired Work Experience:
- 5 to 10 years
Desired Qualification Level:
- Degree