· Guide implementation of Information Security Management Systems (ISMS) according to ISO 27001, keeping abreast of the latest security and privacy legislation, regulations, advisories, alerts and vulnerabilities pertaining to the institution
· Conceptualize implementation of appropriate information security policies and procedures provided by the Bank and plan resources to accomplish specific work packages and deliverables
· Initiate development of procedures to implement policy requirements and lead specification of roles and responsibilities
· Define training target groups, develop training measures and implement information security training and awareness programs for employees
· Develop and implement an ongoing risk assessment program targeting information security and privacy matters, recommend methods for vulnerability detection and remediation, and oversee vulnerability testing (software, system architecture, system configuration, user access)
· Guide administration of access rights per role (attribution and revocation) and ensure consistent application of security standards across global technical infrastructure.
· People Competencies
· Ability to communicate effectively with colleagues in various business disciplines and IT regarding technical and business banking issues in the English language
· Role models supportive contributions in the team and negotiates successful resolutions
· Developing, sponsoring or supporting the introduction of new and improved methods, products, procedures, or technologies
· Self-Management Competencies
· Ability to work independently, meet deadlines and motivate others to do the same
· Good work-load management: post holder can effectively handle several problems or tasks at once, stays calm under stress and keeps an overview of priorities
· Maintains an overview of relevant information and shares it with the respective colleagues
· Hands-on mentality
· Education and Experience
· Hands-on team leadership and management experience, ideally coupled with suitable management qualifications; preferred minimum level is a degree in Information Technology or a related field.
· At least 2 years of professional experience in an operational IT role and Information Security.
· Background in technical IT roles such as IT architecture, development or operations, with a clear and abiding interest in information security;
· Knowledge of information security and risk control frameworks (COBIT, ISO 27001, ITIL);
· Knowledge of business continuity and IT disaster recovery frameworks such as ISO 22301;
· Absolutely trustworthy with high standards of personal integrity (demonstrated by an unblemished career history, complete lack of criminal convictions etc.), and willing to undergo vetting and/or personality assessments to verify this if necessary