Senior Information Systems Security Office

Job Purpose

The role is responsible for all assurance activities related to the availability, integrity, and confidentiality of customer, business partner, employee, and business information in compliance with the Bank’s information security policies.

Key Duties and Responsibilities

  • Overseeing and implementing the bank’s cyber security program and enforcing the cyber security/framework.
  • Support administration, optimization, and support of the Bank’s Technical security solutions, including perimeter email, cloud, network, endpoint, and data security solutions in compliance with the Bank’s policies and standards.
  • Ensuring the bank maintains a current enterprise-wide knowledge base of its users, devices, applications, and their relationships;
  • Ensuring the information systems meet the needs of the bank, in particular information system, development strategies, enterprise risk management framework, risk appetite, and ICT policies.
  • Design cyber security controls considering all users at all levels of the organization including internal customers and third-party users/external users.
  • Work in collaboration with appropriate stakeholders to ensure staff and vendors’ access to our systems is secure has the necessary controls in place, and devices are fully operational and secure.
  • Organizing professional cyber-related training to improve the technical proficiency of staff.
  • Conduct regular and comprehensive cyber risk assessments that consider people (i.e. employees, customers, outsourcing, and other external parties) processes, data, and technology.
  • Ensure timely update of the incident response mechanism and business continuity plan (BCP) based on the latest cyber threat intelligence gathered.
  • Ensure frequent data backup of critical IT systems (e.g. real-time backup of changes made to critical data) is carried out to a separate storage location.
  • Ensure the roles and responsibilities of managing cyber risks, including in emergency or crisis decision-making, are clearly defined, documented, and communicated to relevant staff.
  • Continuously test disaster recovery and Business Continuity Plans (BCP) arrangements to ensure that the bank can continue to function and meet its regulatory obligations in the event of unforeseen attack through cybercrime
  • Research and provide technical security expertise in the Cyber Security Environment
  • Undertaking any other duties as may be assigned from time to time.

Job Requirements and Experience

For appointment to this grade, a candidate must have:

  • Bachelor’s Degree in Computer Science or IT, Information Systems or related field;
  • A Master’s degree in Computer Science or IT, Information Systems, or a related field is an added advantage;
  • Six (6) years of relevant working experience;
  • Skills: Risk management, Reporting, Information security, System and network security, Testing and debugging, IT support;
  • Professional qualifications in any of the following: CISA/CISM/CRISM/ CEH/ CISSP/ MCSE/MCITP/CCNA/Project Management Certification; SSCP; CompTIA Security+; OSCP.
  • Member of a relevant professional body;
  • Management and supervisory trainings.
  • Meets the provisions of chapter six of the constitution

To Apply

Interested and suitably qualified individuals should forward hard copies of their applications, enclosing copies of their academic and professional certificates, detailed CV indicating work experience, contacts, and addresses of 3 professionally relevant referees by close of business on 3rd May 2024. Use the email recruitment@devbank.com. Only shortlisted candidates will be contacted.