Our Client in the Financial Services Sector is looking to fill the position of Information Security Lead which has arisen.
Duties and Responsibilities
IT Security Governance
- Develops enterprise information security/ cyber security framework.
- Develops and oversees the implementation of enterprise information security policy, standards, guidelines, and procedures to ensure ongoing maintenance of the information security progra
ITSecurity Risk Profiling and Mitigation
- Conducts periodic security/vulnerability assessments on enterprise IT infrastructure.
- Maintain Risk, Issue, and Change register for information security.
IT Security Design, Configuration, and Monitoring
- Plans, designs, and oversees the implementation of information security infrastructure and solutions.
- Develops and implements policies and practices for encryption of data transmissions and the erection of firewalls to conceal information as it is being transmitted and to eliminate tainted digital transfers.
- Develop and maintain the organization's resilience program including the Business Continuity Planning & Disaster Recovery Planning (BCP & ORP).
- Act as a key stakeholder on the Enterprise Security Incident Response Team.
- Ensures issues raised through information security/ cyber security assessments are addressed.
- Demonstrable understanding of legislative, regulatory, industry standards and best practices that are relevant to the work and ensure compliance.
- Notable standards for Information Security include the Payment Card Data Security Standard, the ISO 27001 and IS022301.
Qualifications and Experience
- A Degree in Computer Science/ Information Technolog/ Telecommunications.
- At least five years' relevant experience.
- Security Certification (CCNP Security/ CEH/ CISSP/ CAM).
- Knowledge of PCI DSS, IS027001 and other security standards.
- Knowledge of security frameworks such as NISTt least 2 Advanced Levels.
- Knowledge and understanding of basic information security principles.
- Knowledge of security standards and best practice guidelines (ISO 27001/2, NIST, ITIL etc.).
- Hands on experience with firewalls, routers, bridges, switches and gateway devices, appliances and software.
- Good theoretical knowledge and practical experience of computer networking (LAN, WAN, IP, TCP/IP, Subnetting, ACL, NAT).
- Theoretical and practical knowledge of IPSEC, VPN, data and protocols multiplexing, Dos tuning.
- Knowledge and understanding of Backup and disaster recovery methodologies.
How to Apply
Interested & qualified individuals may send their CVs and application letters to: firstname.lastname@example.org & email@example.com
Deadline: 24 January 2023