Job description
The
Information Security Manager is re sponsible for the develo pment, man agement
an d monitoring of the enterprise wide security a rchitecture, policies, proc
edures and controls of th e Letshego Group and is resp onsible for all on-going
activities that serve to protect th e confid entiality and integrity of c
ustomer, emp loyee, and business infor mation and s ystem
Information Security Manager is re sponsible for the develo pment, man agement
an d monitoring of the enterprise wide security a rchitecture, policies, proc
edures and controls of th e Letshego Group and is resp onsible for all on-going
activities that serve to protect th e confid entiality and integrity of c
ustomer, emp loyee, and business infor mation and s ystem
- Leads
the design, implementation, operation and maintenance the Information
Security Management System and architecture based on international and
industry standards - Forms
a “centre o f excellence” for information security management, for example
offering internal management consultancy advice and practical assistance
on information security risk and control matters throughout the
organization and promo ting the commercial advantag es of managing
information security risks more ef ficiently and effectively - Leads
or commissions the preparation and authorizes the implementation of
necessary information security policies, standards, procedures and
guidelines, in conjunction with the Security Committee - Configures
and manages physical, network, infrastructure, application and DB
security. - Develops
and manages an awareness program to ensure personnel understand the risks
/ threats to the business, their responsibilities and how to comply with
policies - Communicates
requirements to technology teams to ensure business needs are met - Provides
technical training to junior ICT team members on security controls,
configurations, management and monitoring. - Creates
awareness and communicates to all personnel levels on issues relating to
information security - Aids
the business in participating in the security processes - Works
with the App lication Systems and Database Manager, Senior Network
Administrator and Technology Development - Manager
to identify and arrange for deployment of appropriate compensating
controls to address security and risk gaps throughout the Group’s systems - Works
with various personnel and managers to develop solutions to address
control gaps; ensure cost vs. risk study is completed for all significant
corrective actions - Serves
as an internal information security consultant to the organization. - Documents
security policies and procedures created by the Information Security
Committee - Leads
the planning and implementation of projects - Facilitates
the definition of project scope, goals and deliverables - Develops
project plans to manage the end-to- end project activities and execution
approach - Manages
project budget, resource allocation and plans and schedules project
timelines - Tracks
project deliverables using appropriate tools
Requirements
- A
Bachelors degree in a technical related field or additional related
experience is required Security an audit related certifications are
beneficial - Information
security manage ment qualifications such as CISSP or CISM - Expert
technic al knowledge in ICT governance and security standards - Broad,
in-depth technical kno wledge of security principles and process is requi
red. - Strong
plannin g and organising skills - Knowledge
o f banking, technology and operations environment. - Strong
technical knowledge - Good
communication skills – written and verbal. - Ability
to prioritise activities and resources. - Ability
to handle multiple activities simultaneously. - Ability
to tran slate technical information into appropriate business language
To
apply for this position please go to www.hrmc.co.bw
apply for this position please go to www.hrmc.co.bw