Information Systems Security Officer at Netcom Africa

Job Summary

• The job holder will create and institute measures to safeguard sensitive information within a computer network.
• The job holder will (ISSO) research, develop, implement, test and review an organization's information security in order to protect information and prevent unauthorized access.
• He /She will inform users about security measures, explain potential threats, install software, implement security measures, and monitor networks.  The audience are both internal (Netcom Staff) and External (Client).

Key Duties & Responsibilities

• Regularly and systematically review network and systems with view to identify potential security weaknesses. Recommend improvements to mitigate vulnerabilities and provide system owners guidance in its remediation.
• Document and present drafted security policies, procedures, standards and baseline for approval by VP operations and Netcom Senior Management.
• In Alignment with VP operations, lead Netcom’s and client’s information security program to ensure timely vulnerability remediation, and protect information assets from unauthorized access, modifications and disclosure.
• Technical and economic review, compare, test, and evaluate new against existing security solutions to support PLC progress, decisions, and implementation.
• In Coordination with VP Operations, Design, Develop and lead the implementation of Security Operation Center
• Develop, document and lead the implementation, of comprehensive plan to secure the Company’s and Customer network, platform, systems, and databases, including back-up and remediation plans and measures to ensure business continuity.
• Develop, and audit the implementation of network and systems usage monitoring policy and procedure to ensure easy visibility of alerts and escalation of incidents regarding noncompliance with security policies are maintained.
• Track and keep records of company overall security and cyber risk status including readiness and ability to react to and recover from security events, through definition, measurement and make relevant updates of KGI, KRI and indicators of compromise with the view to implement required control as shall be approved by VP operations and Senior Management.
• Define, create, and maintain the documentation for security certification and accreditation of each network, platform, system and application design and implementation.
• Collaborate with VP operations, Senior Management and Security Capability owners to economically improve security, security products and security services.
• Work with Netcom Senior Management, Security Steering committee and other stakeholders to ensure that company cyber-risk are within acceptable limit, and strategic alignment of information security programs.
• Assess the impacts on system modifications and technological advances
• In coordination with VP operations and Senior Management, lead the implementation of ISO 27001 standards.
• Create and maintain a security roadmap for Netcom and Customers.
• Educate and train colleagues (IT team and users), and customers about security best practices, security measures, potential threats, software installation, and security measures implementation.
• Keeping up to date with developments in IT security standards, threats, and technological advances for assessment of implemented solutions and identification of necessary modifications and changes.

Experience, Education and / or Professional Qualifications

• Degree in Computer Science, programming or engineering, or a technology-related field.
• Minimum of 5 years’ experience in networking systems, information technology security, or network security is recommended
• Professional information security certification, preferably Certified Information Systems Security Professionals (CISSP) according to an accredited body.
• Experience in an information security Governance, Risk and Compliance role.

Essential Skills / Knowledge / Traits:

• Technically capable to design, cost, implement support, maintain, and keep administration of security systems, accounts and policies for all Netcom security products and services.
• Highly analytical and effectively able to troubleshoot and prioritize needs, requirements, and other issues.
• Commitment to continuous learning and system development because of the constant developing nature of information systems security and cyber-attacks.
• Linux, Cisco and other Routing and Switching network technologies, and security.
• Undertake implementation and execution of intrusion detection and prevention systems and actions.
• Security Information and Event Management - Malware, cloud security, incident response, measures, notifications.
• Solid knowledge of various information security frameworks.

Desirable Skills / Knowledge / Traits:

• Effective verbal and written communication skills.
• Excellent problem-solving and analytical skills.
• Ability to educate audiences of a wide variety of technical and non-technical backgrounds about various security measures.
• Excellent teamwork and conflict management skills.