Head, Information Security
Role: Head, Information Security
Reports Direct to: Chief Risk Officer
Location: Head Officer, Ridge -Accra
Job Purpose
The Head, Information Security is responsible for the development, implementation, and monitoring of information security strategy and a comprehensive Bank-wide information security program to ensure the Bank’s information assets and technologies are adequately protected.
Key responsibilities:
- Develop, implement, and monitor comprehensive and measurable cyber and information security strategic plans that align with the strategic goals of the bank.
- Oversee the development and maintenance of globally recognized cyber and information security management framework.
- Work with leadership to develop and secure approval for the annual operational budget, monitor, and provide regular feedback on budget implementation.
- Collaborate with other departments to ensure that the Bank’s information security objectives are achieved.
- Serve as an expert advisor to senior management in the development, implementation, and maintenance of information systems to ensure best practices control objectives are achieved in protecting information assets.
- Implement and enforce policies and procedures
- Periodically provide management and the Board of Directors with updates regarding the Bank's cyber security posture.
- Ensure compliance with regulatory requirements and the international standards to which the Bank has subscribed.
- Establish and maintain information security policies that support business goals and objectives
- Key Indicators
- Enforce adherence to security practices
- Develop and implement the Bank’s cyber and information security risk management frameworks for effective risk management.
- Provide strategic risk guidance for IT projects including evaluation and recommendation of technical controls
- Develop metrics and indicators to evaluate the effectiveness of cyber and information security systems and procedures in the Bank.
- Qualifications (Key technical skills/knowledge required for position)
- Minimum of twelve years’ experience with at least six years as System Analyst/Administrator and in a supervisory role
- Minimum of master’s degree in computer science or any equivalent professional qualification ·
- Enterprise information security framework such as ISO/IEC 27001, PCI DSS, NIST cyber security and SWIFT customer security program.
- Certified Chief Information Security Officer
- ISACA Certified Information Systems Auditor (CISA)
- Certified ISO/IEC 27001 Lead Implementer
- Certified ISO 22301 Lead Auditor
- Certified ISO 22301 Lead Implement
- Outstanding stakeholder management and cross-functional leadership.
- Minimum of twelve years’ experience with at least six years as System Analyst/Administrator and in a supervisory role
Why Join Us
- Competitive compensation with performance incentives and career growth opportunities.