Cyber Security Specialist at Britam

Job Purpose:

The role holder will be responsible for mitigating the increasing cybersecurity risks and lead IT security initiatives across the Group. The role holder will provide the technical and managerial competencies to manage current exposures as well as assess potential new threats. 

Key responsibilities:

• Develop the ICT Security strategy and operational plan for the organization to include security of hardware, software and networks; which includes acting as an IT risk champion with the group risk and compliance department.
• Act as the central point of contact for all ICT security incidents, develop incident handling procedures, report all incidents to the responsible incident response capability and track remedial actions.
• Manage controlled access rights for Britam`s various systems in conjunction with ICT Service delivery team.
• Ensure periodic vulnerability and security risk assessments and manage the primary outsourced ICT suppliers to ensure that risks to the security of Britam’s systems and its information assets are managed.
• Develop and implement programmes to test system and data security measures, review findings and improve those system and data security measures.
• Ensure that all staff members are trained on Britam’s security policies and other relevant issues.
• Develop, establish, implement, and enforce supplier and outsourcer guidelines obligations, and SLAs to the organization.
• Oversee the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.

Knowledge, experience and qualifications required:

• Degree in Computer Science/Electrical Eng./Technology Management.
• 7 - 10 years’ experience in a large IT environment with at least 3 - 4 years of which should be in a management position.
• Knowledge in software, Hardware, Systems Administration, Network Technology.
• Professional Information Security qualifications: CISSP/CISM/CISA, CEH is an added advantage.
• ISACA Certified Information Security Manager.
• Extensive experience in enterprise security architecture design.
• Extensive experience in enterprise security document creation. 
• Experience in designing and delivering employee security awareness training. 
• Experience in developing Business Continuity Plans and Disaster Recovery Plans.

Technical/ Functional competencies:

• Strong technical skill/knowledge spanning enterprise infrastructure, Web-based application hosting and internet technologies.
• Knowledge of software, hardware, systems administration, and network technology.
• Thorough understanding of relational database theory and practice.
• Detail oriented and process focused. 
• Self-motivated, self-starter who works well in a fast pace, growth orientated entrepreneurial environment.
• Strong organization, time management and prioritization skills.