Description
We are pleased to announce the subject career opportunity within Technology (M-Pesa Africa) reporting to the Director-Technology (M-Pesa Africa).
Role Description
With 5 direct reports and 6 indirect reports, as the Head of Cyber Security, you will be responsible for:
Overall planning, supervising, coordinating, advising, and managing all operations related to MPA risks, Audit & Reviews (Internal and External)
Managing all the intergroup or inter-company functions related to Technology security
Planning and execution of the company and Group strategy, budgets, and deliverables, specifically related to Cybersecurity
Overall compliance & governance management of the MPA Technology environment, with a core focus on technology and the related processes and procedures
Improvement of the Cybersecurity posture of the company through several initiatives, including but not limited to Cyber Security Baselines
Key Role Responsibilities
Impact on the business
Coordinate delivery and assessment of cybersecurity baselines (CSBs) across all MPA relevant business areas and processes
Design effectively and efficiently implement Cyber Security controls and requirements across MPA environments
Own demand planning and forecasting for Technology security, for all systems, services, and processes within the portfolio, working together with vendors and internal customers
Ensure all M-Pesa and third-party systems’ products, services and projects are compliant with the MPA minimum security requirements and Cyber Security Baselines (CSBs)
Responsible for the set-up, execution, and maintenance of the security incident management and coordination process in conjunction with incident management capabilities
Management of the vulnerability scanning, patching, and penetration tests and tracking resolution of vulnerabilities and patches in MPA systems, per the relevant MPA security policies
Coordinate all internal and external audits around Technology systems and processes, ensure these systems are free from known Technology audit findings and ensure all audit findings in these systems are closed within agreed timelines
Perform risk assessments across Technology areas, provide risk reports (including risk management committee reports and audit committee reports) to management as and when requested.
Customers, supplier, and third parties
Ensure compliance with Legal, Regulatory and key stakeholders’ requirements across the Technology domains
Responsible for monitoring of compliance of the Cybersecurity managed services contract, to ensure it is within agreed SLA
Responsible for validation, timely completion, and accuracy of Technology audit checklists and user access rights reviews
Coordination of analytical processes and incident response measures
Ensure proper implementation, projects and change management processes compliance for all planned and emergency changes in Technology systems
Leadership, Planning and Human Resource Management
Manage all the Cybersecurity budgets and planning, in alignment with the company and Group strategy
Manage the Cybersecurity subordinate resources (FTEs and contractors) for their tasks/job descriptions effective implementations
Skills development within the Cybersecurity department
Performance Management of the Cybersecurity team
Provide input to Security Policies and requirements on Technology security methods and technologies
Implement and measure compliance with the MPA cyber code across all users
Provide regular and accurate management reporting on Cybersecurity service performance
Build and manage relationships with key stakeholders to disseminate information and drive mitigating actions
Innovation and change
Manage the Security and Privacy by Design Assurance (SPDA) processes of the GDPR and business requirements
Continually assess and review security policies and controls, to support business requirements and changing security landscapes
Drive continuous improvement through simplification of key cybersecurity processes
Set-up of analytics framework and tools
Communication
Work closely with the projects management team to ensure secure development of software codes and products is adhered and maintained throughout the software development life cycle
Drive internal and third-party service review meetings covering performance, service improvements, quality and processes
Make recommendations for Cybersecurity Service Improvement Plans and ensure actions are followed through to completion in a timely manner
Perform information security awareness and training to all MPA users and third-party vendors, and monitor the effectiveness of the awareness and training
Driving incident planned and emergency communication processes to both internal and external audience
Qualifications
Apply if you have:
Bachelor of Science Degree in Telecommunications, Information/Cyber Security, Information technology or Computer Science
Security certifications (CEH, GCIA, CISM, CISA or equivalent)
MSc or MBA and CISSP will be an added advantage
Minimum of over 7 years’ experience in Technology and Network Systems security and atleast five years in the Cyber security field
Demonstrated understanding and application of the Technology security internationally recognized frameworks, such as ISO27001
Experience with budgeting for Cyber Security unit
We are happy if you have:
Experience from the Banking Industry
Good business acumen
Project Management skills
Leadership skills
High-level negotiation skills
What you can expect from us:
We believe in a fair and robust interview process
We have a robust flexible total reward scheme
Dedicated support and mentoring/coaching
Opportunity to develop and progress – plus a solid dedication to work-life integration. It all means you’ll have everything you need to advance your career and achieve your full potential.
go to method of application »
Use the link(s) below to apply on company website.
Apply via :
