Enterprise Security Manager (PAPSS) – African Export Import Bank (Afreximbank)

  • Information Technology
  • Full time
  • 2 months ago
  • Minimum Qualification BSC/HND

Job Description

Security Operations and Incidence Management:

  • Oversee and direct information security activities in line with the information security operations and programme / framework.
  • Provide leadership, guidance, and education/awareness regarding security initiatives to embed security management processes throughout the organization.
  • Lead operational implementation, support and monitoring of organizational security policies to support internal controls and PAPSS critical infrastructure including identity and access management, intrusion detection, vulnerability scan and monitoring, patch management, anti-virus, security awareness, cloud security monitoring, contingency planning and testing etc.)
  • Provide guidance regarding cyber threat intelligence to support security assessments.
  • Work with IT and business risk owners, develop requirements, strategies, and robust framework to enhance the overall cyber security program.
  • Perform advanced cyber intrusion detection/analysis and forensic review, recommending areas requiring further investigation and remediation.
  • Oversee and conduct security and risk analysis including IT vulnerability and risk assessments, penetration testing, risk control evaluation, security requirements identification, and verification.
  • Work closely with the IT team and management to assist in the resolution of cyber security events and incidents and recovery.
  • Prepare reports and briefing notes for Head of PAPSS and senior management on developments in Cyber management, including assessment of the relevance and implications for PAPSS.
  • Review and monitor change management procedures on all system changes, systems configuration changes and application of security patches to ensure that information security is not compromised.
  • Prepare occasional reports and short notes to be published on the website to enhance trusted relationships with Central Banks, Financial Institutions, Financial Market Infrastructures, regulators, and other relevant organizations.
  • Manage and lead all activities relating to cybersecurity resilience planning, contingency planning, business continuity management and IT disaster recovery in conjunction with relevant functions and third parties.
  • Monitor and review operations logs and event console activity to identify potential security related events and investigate all anomalies.
  • Manage system compliance to identified achievement targets for end points (antivirus, patches, threats, etc).
  • Manage and review response and recovery plans; and periodically test the response and recovery plans, where appropriate.
  • Maintain documentation of all information systems security and change management processes.
  • Software and Application Development Security:
  • Responsible for ensuring secure software and application development.
  • Ensure use of security best practices in software development life-cycle for all developments in the organization.
  • Ensure implementation of best practices security mechanisms and controls in all applications developed for (or by) the organization whether cloud or in-premise based.
  • Ensure enforcement of best practices security mechanism and controls in development environments as well as in Production environment.
  • Ensure implementation of best practices security mechanism and controls in all application/ software acquired by the organization whether cloud or in-premise based.
  • Manage all processes for testing effectiveness of software security.
  • Ensure use and implementation of secure coding guidelines and standards for all developments.
  • Maintain documentation of all software and application development security model changes and change management processes.

Requirements
Qualifications and Skills:

  • Graduate degree and professional qualifications are required.
  • Relevant Bachelor’s and Master’s degree in Computer Science, Management, Engineering or related fields.
  • 12+ years of Information Security Management experience required.
  • Proven information security and risk management leader and expert in the architecture planning, design, development, delivery, monitoring and support of enterprise-class security for critical infrastructures and systems, both on cloud and on-premise.
  • Experience in Real-Time Payment or Instant Payment networks is a big advantage.
  • Information security management or related qualifications such as CISSP, CISM, CISA, CCSP, CSA, CCSK, CRISC, GIAC certifications, ISO 27001 are required.
  • Hands-on team leadership and management experience. This is a hands-on role.
  • Sound knowledge and understanding of information processing environments, network infrastructure, data communications, cloud infrastructure, and operating system administration, and information security principles.
  • Experience with AWS cloud infrastructure is an advantage.
  • Knowledge of standards, guidelines, and regulatory requirements to manage enterprise risk and to improve internal controls.
  • Must be highly aware of emerging trends in IT security.
  • Strong knowledge on different infrastructure architectures and security architecture underpinning them.
  • Experience of internal business applications security mechanisms including access management is very desirable.
  • Ability to communicate and function in a culturally diverse and change oriented setting;
  • Excellent written and oral communication skills, exceptional interpersonal skills and the proven ability to influence and
  • Communicate effectively across functional lines.
  • Strong analytical, planning and project management experience with strong problem-solving capabilities with proven ability to lead projects end-to-end to meet commitments or compliance.
  • Excellent verbal and written communication in English. Knowledge of any of French, Portuguese and Arabic is an advantage.

Benefits and Contractual information

  • Permanent
  • USD tax exempt salary
  • Willing and able to relocate to Cairo, Egypt
  • Suitably qualified candidates from all African nationalities are encouraged to apply
Job alerts

Receive emails for the latest jobs matching your search criteria

Job skills