Information Security Officer

Job details

Contract Type

Description

Qualifications and Competencies

  • Bachelor’s degree in Information Technology, Computer Science, Software Engineering, Cybersecurity, Information Systems, or a related field from a recognized institution.
  • Professional certifications such as CISA, CISM, CISSP, CEH, CompTIA Security+, ISO 27001 Lead Implementer/Auditor, or related certifications will be an added advantage.
  • At least three (3) years of relevant work experience in information security, cybersecurity, ICT risk management, or a related field, preferably in the banking or financial services sector.
  • Demonstrated knowledge of information security frameworks, standards, and regulatory requirements.
  • Proficiency in cybersecurity tools, network security, vulnerability management, and incident response processes.


Responsibilities
  • Developing, implementing, and maintaining the Bank’s information security policies, procedures, standards, and guidelines.
  • Monitoring the Bank’s ICT environment to identify, assess, and mitigate cybersecurity risks and vulnerabilities.
  • Coordinating information security risk assessments, audits, and compliance reviews.
  • Managing security incidents, investigations, reporting, and response activities to minimize operational disruptions and losses.
  • Conducting continuous monitoring of network security, endpoint protection, access controls, and data protection measures.
  • Supporting implementation and management of cybersecurity tools, systems, and technologies.
  • Ensuring compliance with applicable regulatory requirements, data protection laws, and industry security standards.
  • Coordinating user access management and reviewing system privileges to ensure appropriate segregation of duties and least privilege principles.
  • Conducting staff awareness programs and trainings on information security and cyber hygiene.
  • Preparing periodic information security reports, risk dashboards, and incident reports for management review.
  • Liaising with internal auditors, external auditors, regulators, and service providers on information security matters.
  • Supporting business continuity, disaster recovery, and cyber resilience initiatives within the Bank.
  • Keeping abreast of emerging cybersecurity threats, trends, technologies, and best practices and advising management appropriately.
  • Participating in implementation of ICT projects to ensure security requirements are integrated into systems and processes.


Don’t miss your chance to work at Consolidated Bank of Kenya.