Head of Information Security at NBC Bank Limited

?UNASUBIRI NINI? FOLLOW US ON INSTAGRAM. CLICK HERE!?

National Bank of Commerce (NBC) Jobs 2024

Job Description​

• Define, develop, and maintain a business-aligned Information and Cyber Security strategy and operating model;
• Define
  and embed an Information and Cyber Security Policy Framework across the
  bank that addresses the needs of the bank, its staff, customers, and
  other external stakeholders in line with relevant regulatory and
  industry standards;
• Provide advice and direction to the bank’s
  senior leadership team on the integration of cyber security practices
  into the bank’s strategic and operational processes;
• Drive and
  deliver change to the bank’s Information and Cyber Security systems,
  processes, and procedures by continuously analysing and reviewing new
  security technologies and practices as informed by industry best
  practice;
• Report to the bank’s committees and management groups on Information and Cyber Security matters;
• Develop frameworks and processes to support banks cybersecurity governance;
• Conduct controls snap checks around cyber security operations and critical processes;
• Perform
  regular cyber security assessments on systems configurations,
  application security, databases, networks, and data centers to determine
  security violations and inefficiencies;
• Be involved in projects
  implementation providing security guidance from the initial stages of
  systems/ software development up to the end;
• Assist on threat
  intelligence and attack monitoring activities identifying abnormalities,
  reporting violations and recommend essential control measures;
• Monitor identity and access management, including monitoring for abuse of permissions by authorized system users;
• Monitor
  organization’s networks for security breaches and incidents to identify
  the root cause and investigate a violation when one occurs;
• Regular
  monitoring, measuring, and reporting of cyber security thresholds and
  the cyber related key indicators, identify and define reasons for out of
  threshold indicators;
• Undertaking third-party security
  assessment for critical IT Vendors and Service Providers to ensure they
  meet security requirements;
• Assist with internal and external audits engagements relating to information security;
• Oversee internal and external security assessment activities (Vulnerability Assessment and Penetration Test- VAPT);
• Respond
  to security incidents including ‘phishing’ emails and ‘pharming’
  activity, breaches etc. and mitigate the consequences of a
  cyber-incident;
• Analyze security events and incidents, identify
  root cause and impacted control objectives. Ensure risk events are
  booked for all critical security incidents;
• Develop and maintain plans for addressing cyber-attacks. Ensure the plans are updated and tested annually;
• Design
  and implement a robust cyber security architecture that includes
  firewalls, intrusion detection/prevention systems, encryption protocols,
  and other security measures;
• Oversee the installation and
  configuration of security applications such as antivirus software,
  anti-malware programs, and endpoint security solutions to protect
  against cyber threats;
• Conduct regular vulnerability assessments
  and penetration tests to identify and remediate security weaknesses in
  the organization’s infrastructure and applications;
• Develop and
  deliver cyber security awareness training programs to educate employees
  about potential threats and best practices for safeguarding sensitive
  information;
• Monitor the performance of cyber security
  applications and tools, evaluate their effectiveness in protecting
  against cyber threats, and make adjustments as necessary to improve
  overall security posture.

Read Also:

• NEW TANZANIAN JOBS, INTERNSHIPS AND VOLUNTEERING OPPORTUNITIES 2024 (1,475 POSTS)

• CHECK SCHOLARSHIPS OPPORTUNITIES TO STUDY ABROAD CLICK HERE!
• Download Your National ID (NIDA) Number  Here | Download NAMBA NA KITAMBULISHO CHAKO CHA NIDA. BONYEZA HAPA! 
• PAST PAPERS ZA DARASA LA 7 MPAKA FORM SIX | NECTA AND MOCK EXAMS 1988 – 2019. CLICK HERE! 
• Free
  CV Writing and Download, Cover/Job Application Letters, Interview
  Questions and It’s Best Answers plus Examples. Click Here!

Qualifications and Experience

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity or a related field.
• Strong understanding of IT and cybersecurity operations will be added advantage.
• At
  least 5 years of prior relevant experience in IT Security and Risk
  management, Vulnerability management and penetration testing and
  Identity and Access Management.
• Working experience with Microsoft software, Linux, Database (Oracle, MS SQL),
• Preferable cyber security related certifications – CISSP, CISA, CISM, CRISC, CGEIT, CEH, CCNA Security.
• Familiarity with security frameworks (e.g. NIST Cybersecurity framework) and risk management methodologies.
• Good understanding of Infrastructure (servers and network) designs and architecture.
• Familiarity with operational risk and compliance is advantageous.
• Competencies
• Proficiency in Security and Risk management
• Vulnerability management and penetration testing
• Identity and Access Management
• Communications and Network Security
• Application Security
• Asset Security
• System Resilience and Data Recovery Capabilities

Qualifications

• Bachelor`s
  Degrees and Advanced Diplomas – Information Technology, Digital
  familiarity (Meets some of the requirements and would need further
  development), Experience in a similar environment at management level,
  IT Security (Meets all of the requirements), Openness to change (Meets
  some of the requirements and would need further development), Process
  optimisation (Meets some of the requirements and would need further
  development), Reasoning (Meets all of the requirements)

Deadline: 2024-04-19.