Head, IT Security at Unified Payment Services Limited

Job Objectives

• The Head of IT Security will be responsible for leading the organization’s efforts to protect its information technology infrastructure, applications, and data.
• This role is crucial for the development, implementation, and maintenance of a comprehensive IT security strategy that ensures the integrity, confidentiality, and availability of the company’s IT systems.
• The Head of IT Security will also work to minimize risk and ensure compliance with industry standards, regulations, and best practices.

Duties & Responsibilities
Strategic Leadership:

• Develop and implement a robust IT security strategy aligned with the organization’s business goals and objectives.
• Ensure the security of IT systems by monitoring evolving risks and establishing proactive defenses.
• Lead, manage, and mentor the IT security team to build a high-performing department.

Risk Management:

• Identify, assess, and manage IT security risks and threats to the organization’s systems and data.
• Conduct regular security assessments, audits, and penetration testing to identify vulnerabilities.
• Recommend, implement, and monitor risk mitigation strategies and plans.

Security Governance and Compliance:

• Develop and enforce IT security policies, procedures, and standards.
• Ensure compliance with relevant security regulations and frameworks (e.g., GDPR, HIPAA, ISO 27001, NIST).
• Oversee and manage security audits, assessments, and certifications as required.

Incident Response & Recovery:

• Develop and manage a robust incident response plan to address and recover from IT security breaches or threats.
• Coordinate response efforts in the event of a security breach, including forensic investigation and root cause analysis.
• Ensure business continuity planning and disaster recovery procedures are in place and regularly tested.

Security Infrastructure Management:

• Oversee the implementation and management of security tools and technologies (e.g., firewalls, intrusion detection systems, endpoint protection, encryption tools).
• Manage vulnerability management processes, including patch management and system hardening.
• Collaborate with other IT teams to ensure secure system architecture, network infrastructure, and application development processes.

Training & Awareness:

• Lead initiatives to promote security awareness across the organization by providing training to staff on best practices for IT security.
• Regularly conduct workshops, seminars, and awareness campaigns to keep employees updated on emerging threats.

Reporting & Analysis:

• Provide regular security status reports and updates to senior management and relevant stakeholders.
• Present analysis on security incidents, metrics, and trends to inform decision-making.

Vendor Management:

• Manage relationships with external vendors, service providers, and consultants related to IT security solutions.
• Ensure third-party vendors comply with security standards and practices.

Key Performance Indicators

• Incident Response Time
• Security Incident Frequency
• Compliance Audit Results
• Vulnerability Remediation Time
• Employee Security Training Completion Rate
• Patch Management Compliance
• Security Policy Adherence
• Security Technology Effectiveness
• Third-Party Risk Management
• Security Awareness Engagement
• Business Continuity and Disaster Recovery Test Results
• Security Budget Utilization.

Job Requirements

• Education: Bachelor’s Degree in Computer Science, Information Security, or a related field
• Others: Familiarity with both on-premise and cloud-based IT infrastructure security.
• Experience: Minimum 10 year experience managing a security team and leading strategic security initiatives an added advantage.

Key Competency Requirements:
Knowledge:

• Technical Knowledge & Expertise.
• Legal & Regulatory Knowledge.
• Cybersecurity Frameworks & Standards.
• Risk Management.
• Security Architecture.
• Data Privacy & Compliance.
• Contract & Vendor Management.

Skill / Competencies:

• Strategic & Leadership Skills.
• Communication & Interpersonal Skills.
• Analytical & Problem-Solving Abilities.
• Adaptability & Innovation.