JOB PURPOSE STATEMENT / POSITION OBJECTIVE

The Information Security Manager is a senior officer responsible for overseeing and ensuring the security, integrity, and confidentiality of the organization’s information systems, digital assets, and technologies. The Incumbent will develop and implement strategies to safeguard the organization’s information infrastructure against cyber threats, manage ICT risk, and ensure compliance with all relevant regulations. This role requires close collaboration with senior leadership to align information security strategies with business objectives and promote a culture of security awareness across the organization.

CANDIDATE SPECIFICATIONS

• For the above position, the successful applicant should have the following:

Education:

• Bachelor’s in information technology, Computer Science, Cybersecurity, or a related field. A master’s degree will be an added advantage.
• Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Chief Information Security Officer (CCISO) are highly desirable.

Experience:

• Minimum of 10 years of experience in information security, risk management, or IT governance roles.
• Proven experience developing and implementing successful information security strategies and policies within a complex organization.
• In-depth understanding of cybersecurity threats, technologies, and risk management practices.
• Demonstrated ability to manage large-scale security incidents, including data breaches and cyber-attacks.
• Experience working in highly regulated industries such as finance, healthcare, or government is a plus.
• Core Banking systems knowledge is desirable.

Technical Skills:

• Deep knowledge of security frameworks and standards (e.g., NIST, ISO/IEC 27001, COBIT, GDPR, SOX, HIPAA, etc.).
• Strong understanding of cloud security, network security, encryption technologies, and secure application development.
• Experience with incident detection, incident response, and forensics.
• Familiarity with security technologies such as firewalls, intrusion detection/prevention systems, SIEM, VPNs, and endpoint protection.

Soft Skills:

• Strong leadership and team management skills, with a track record of building and leading effective security teams.
• Excellent communication skills, with the ability to present complex security concepts to both technical and non-technical stakeholders.
• Strong analytical and problem-solving skills, with the ability to balance business needs and security requirements.
• Strategic thinker with the ability to drive security initiatives in alignment with the organization’s long-term goals.
• Core Banking systems knowledge is desirable.