Job Description :
Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program.
Ensure that all concerned parties are showing full adherence to the security standards applied and committed by the company management.
Develop and enhance an information security management framework, including IS policies.
Understand and interact with related disciplines, to ensure the consistent application of policies and standards across all technology projects, systems and services.
Raise awareness of Information Security & IT risk management concerns to company staff.
Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems.
Lead the development of up-to-date information security policies, procedures, standards and guidelines.
Identify, evaluate and report on information security risks, practices and projects to the top management and the BOD.
Ensure that the IS program is in compliance with applicable laws, regulations, and contractual requirements.
Qualifications :
10 years of experience, working in financial institutions with at least as Information Security Officer.
Security technology acumen and experience including but not limited to: firewall, intrusion detection, cyber-attack tools and defenses, encryption, certificate authority, web filtering, anti-malware, and anti-phishing.
Bachelor s degree in IT, Network Engineering or Information Security.
Certified as CISO
Other IT or Security Certification is plus.
Knowledge of security, risk and control frameworks and standards such as ISO 27001 and 27002, COBIT, COSO, PCI-DSS and ITIL.
Excellent communication skills.
Excellent Analytic skills.
Proven track record of developing IS policies & procedures.
Detailed oriented.
Good Project Management & People Management skills.
Proven track record of delivering enhancements to process efficiency.
Committed to deliver tasks with high quality and on time.
Excellent Presentation skills.