Reference Number: ITRSM-25102021
JOB PURPOSE:
To manage the Programme’s IT Security Function. The Information Security Manager serves as the process owner for all ongoing activities that provides appropriate access to systems and protect the confidentiality, integrity and availability of information in the organisation.
Description:
REPORTING LINES:
Head of ICT
IT Security Team
BUDGET RESPONSIBILITY:
Influences the management of resources in order to plan, estimate and carry out IT Security function to deliver work on time, within budget and implement quality targets in accordance with appropriate standards.
KEY RESPONSIBILITIES:
Ensures KWTRP is least exposed to fraud Losses by implementing technology prevention and detection measures.
Maintains the data protection process and ensures effective data loss prevention measures and controls are implemented in the organisation.
Advises on Information Security tools and methods necessary to support the KWTRP’s Information Security Strategy.
Maintains and enforces the system risk management and Information security risk management framework/methodology.
Monitors and records IT vulnerability risk register in compliance with the Security Standards, Policies and Architecture.
Identifies and analyses system vulnerabilities to manage and mitigate risks and use forensic technology to assist in any breach investigation.
Performs system risk assessment and gap analysis for all technologies, products, services, departments, and vendors.
Establishes, reviews, and verifies the system risk and Information security risk related policies, standards and procedures documentation.
Implements the IT Security governance structure, Information Security Policy and Standards in line with minimum baseline security Standards and industry best practices and regulations.
Promotes and continuously improves Information Security posture of the organization.
Communicates with management to ensure support for the information security program.
Formulates and reports appropriate Technology Security metrics to management.
Work with Servicedesk to create an enterprise-wide Information Security education and awareness campaign.
QUALIFICATIONS:
A Bachelor of Science in Computing or related degree from a recognised University.
Possession of MBA or M.Sc. in Computing or related field is an added advantage.
Must possess at least one internationally recognizable IT security certification such as CISM, CISSP, CISA, CASP, MCSE CEH or Security+. Having more than one certification is an added advantage.
A minimum of 7 years’ experience in Information Technology, 3 of which must be in Senior IT Security Management with hands on experience in:
IT Security governance
Cloud IT Security management
Software / application and security architectures
IPS and vulnerability Testing tools
Active Directory management
Good understanding of endpoint solutions
An understanding of the perimeter security solutions.
IT Security on O365, operating systems and databases in an heterogenous environment (UNIX, Microsoft, Oracle, SQL, Open source).
Wide knowledge of web security architecture.
Knowledge and skills on encryption, VPN
DESIRABLE:
Excellent verbal and written communication skills with technical and non-technical staff, end-users, and senior management.
Strong teamwork skills to maintain strong working relationships, within and outside IT to develop a results-oriented work environment.
Excellent follow-up skills to see tasks through to resolution and communicate problem status to end users such as notification of completion, notification of delay, and explaining rationale.
Excellent analytical solving skills.
Excellent organizational skills, prioritizing and managing multiple tasks.
Offer and accept feedback and constructive suggestions.
Good logical diagnostic skills and ability to exercise good judgement in the resolution of problems.
Ability to multi-task in dealing with several different problems at a time.
Ability to work under high pressure, meet deadlines, monitor and follow-up on pending matters under minimum supervision.
COMPETENCIES
Demonstrated high levels of confidentiality and integrity .
Excellent interpersonal, written, presentation and communication skills
Excellent analytical, problem-solving and critical thinking skills.
Strong Management, leadership and decision-making skills .
Ability to build strong and effective teams.
Ability to delegate and motivate teams
To apply for this post you must be a registered user. Log into your account then go to Vacancies, view the post and click on the button: “Apply for this job”. All applicants are required to state their current/last salary. Candidates must supply an email and telephone contact that will be used when offering interviews. Only shortlisted candidates will be contacted. Shortlisted candidates shall be required to produce ORIGINALS of their National Identity Card, academic and professional certificates, original transcripts and testimonials, detailed curriculum vitae and valid clearance certificate (certificate of good conduct) during the interviews.
Apply via :
jobs.kemri-wellcome.org
Leave a Reply