Information and Security Specialist at Innovectives Limited

Job Description

• Develops and maintains Information Security policies and standards on an Enterprise wide basis.
• Monitors compliance with the Information Security Program and works with management to ensure policies are implemented effectively.
• Developing network security standards and guiding network design to meet corporate requirements
• Conducting network security assessments and monitoring IDS, firewall, and SIEM systems
• Working with internal and external business partners on ensuring that IT acquisitions meet network security standards
• Ascertains the extent to which information collected, held and/or used in the organization is properly controlled and safeguarded from loss of confidentiality, integrity or availability.
• Planning, implementing and maintaining standards, guidelines and security monitoring process in relation to general control, security programs and privacy regulations and customer authentication.
• Aid in the event of information security incidents. Maintains customer information breach and incident logs.
• Co-ordinates Technology and Customer Information Risk assessments.
• Initiates, facilitates and promotes activities to create information security awareness within the organization.
• Co-ordinates monthly meetings to discuss and resolve all the information security practices.
• Assist in the implementation of an Identity Theft Program.
• Reports to the Board of Directors on an annual basis the status of Information Security Program.
• Reviews critical Technology applications to ensure employees have access to applications that are necessary to perform their job requirements.
• Reviews various network logs.
• Maintains Cybersecurity Assessment tool to evaluate risk and cybersecurity preparedness.
• Oversees proper disposal of documents containing customer information and media hardware containing non-public personal information.
• Manages key control testing & ensures resolution of findings in a timely manner.
• Provides annual and on-going Information Security Training & ID Theft Red Flag Training for all employees and members of the Board of Directors.
• Subscribes to threat & vulnerability information sources and participate in cybersecurity associations.
• Keeps abreast of trends and regulatory changes.
• Participates in professional group meetings
• Maintains complete confidentiality of information obtained.
• Assumes additional responsibilities as requested.

Qualifications

• BS/MS Degree in Computer Science, Engineering or a related subject
• Minimum of 5 years cognate experience in the Financial Services industry
• Knowledge of current security risks and protocols
• Willingness to work on-call in the event of a security breech or other emergency
• Good analytic and problem-solving skills
• Knowledge of information security standards ISO/IEC 2700:2018; PCI DSS, Information Security best practices, fintech and banking operations and procedures, and regulatory requirements.
• Experience should include security policy development, network penetration testing, application vulnerability assessments, risk analysis and compliance testing.
• Working knowledge of application & infrastructure security solutions (Firewalls, Intrusion Detection/Prevention Systems, Network Security, Password Management, Data Encryption, and Access Control).
• Excellent communication (oral, written, presentation), interpersonal and consultative skills.