AB BANK Rwanda Plc. is looking for a qualified and competent staff to fill the position of Information Security officer.
Information Security officer is responsible to bring the institution’s information security risks under explicit management control through the establishment and implementation of the Information Security Management System (ISMS).
The ISO will investigate alerts, assisting with developing new security monitoring, use cases and ensuring all investigative activities are properly documented in the bank’s systems and followed up with relevant support teams. The ISO reports directly to Head of Risk and Access Holding’s Information Security Manager.
Major Responsibilities
- Identify, assess and remediate technology and information security risks.
- Assist with implementation of IT Security Policies, Standards, Guidelines, and provide IT Security Advisory services and guidance.
- Build and implement security and compliance goals, define security strategies, metrics, reporting mechanisms and program services; and create maturity models and a roadmap for continual program improvements.
- Proactively identify cyber-security threats.
- Create awareness of Information Security good practices to all staff.
- Drive compliance of enterprise information by identifying and mapping data; determine data protection and privacy requirements; prescribe security controls, prepare plans, assess all data held in all business systems; prepare/update data protection and privacy standards, prepare technical security policies, and procedures associated with data classifications.
- Ensure ABR is current on data protection laws, regulations, and technical requirements to ensure the Bank is not exposed to privacy risks and penalties
- Maintain the data protection and privacy program for ABR Rwanda in compliance with Rwanda Data Protection law, Cybersecurity regulation, and other data protection requirements
- Performing information security risk, vulnerability assessments and serves as an internal assessor for data protection and privacy issues.
- Participate in the development of new and the annual review of existing IT Security Policies, Standards and Guidelines by providing input to enhance the quality and completeness of these documents.
Necessary Experience, Skills and qualifications:
- Bachelor’s degree in information Technology/ Computer Science or related field.
- At least 3 years of work experience in Information Security, Information technology or related field preferably in banking or financial services, Telecom or any related field.
- A good knowledge of information security management or related functions (such as IT audit or IT Risk Management), will be and added advantage.
- A good understanding of technical IT roles such as IT architecture, development or operations, with a clear and abiding interest in information security and or system controls.
- Specialist knowledge and understanding in financial services, obligations of data protection and privacy regulations, privacy technologies, and cybersecurity.
- Ability to work independently, meet deadlines and motivate others to do the same.
- Relevant certifications will be an added advantage, including but not limited to, Certified Information Systems Security Professional (CISSP) from the International Information Systems Security Certification Consortium, and/or Certified Information Security Manager (CISM) awarded by ISACA, and/or Certified in Risk and Information Systems Control (CRISC)
Interested candidates should send ONLY:
- Letter of Interest
- CV
- Copy of academic qualifications
To abr-recruiting@abbank.rw, not later than 22nd September 2023.
[NOTE: Please state the POSITION in the subject of the email.]
Only shortlisted candidates will be contacted.