Information Security Officer at AB Microfinance Bank

Main Tasks

• Responsibility for ensuring that appropriate policies standards, procedures, and compliance requirements of the organization are met
• Develop security policies that incorporate the best industry practices and fulfill all requirements of the organization
• Work with all departments to ensure system and network security, access control, physical security, and application development appropriately meets industry standards
• Improve operations by conducting systems analysis and business impact analysis: recommending changes in policies and procedures
• Identifying process risks and weaknesses in controls, and developing recommendations and plans to address threats. Coordinate planning activities related to responses to security events.
• Lead in implementing and documenting new security systems (Firewalls, intrusion detection/prevention systems, security information and event management systems).
• Validate that all activities and controls related to the prevention of security incidents are in place and being followed consistently. Coordinate and track all information technology and security related assessment and outcomes.
• Lead efforts to internally assess, evaluate, and make recommendations to management regarding the adequacy of the security controls for the organization's information and technology systems. Work with Internal Audit and LFS consultants as appropriate on required security assessments and audits
• Build and implement security and compliance goals, define security strategies, metrics, reporting mechanisms and program services: and create maturity models and a roadmap far continual program improvements.

Qualifications and Requirements

• Minimum educational qualification of B.Sc. / HND in Computer Science or related discipline
• Minimum of 3 years' experience working in related environment with a variety of security products in a banking environment.
• Experience performing vulnerability assessments, compliance audits, penetration testing
• Technical knowledge of state-of-the art Cyber security tools.
• Demonstrable passion for information security and data privacy, Strong focus on compliance
• Experience in implementing and administering PC/server/network security, database security, application security, systems security administration and user access security administration, a variety of OS such as Windows Server, Linux, Unix and/or i5/OS.
• Any security certification would be an advantage
• Prior working experience with Core Banking System and Enterprise infrastructure
• Background in microfinance, banking, accounting and/or IT