Principal Cybersecurity Officer - 2 Posts at Insurance Regulatory Authority (IRA)

Job Specifications

Duties and responsibilities at this level will entail:

• Coordinating implementation and periodic review of approved cybersecurity policies and standards.
• Coordinating cybersecurity incident management and supervising operational response activities.
• Supervising day-to-day operations of the Insurance Industry Cybersecurity Operations Centre.
• Researching on new and emerging technological and regulatory trends in relation to Cybersecurity management.
• Coordinating gathering and dissemination of technical information on cybersecurity incidents, vulnerabilities, security fixes and other security information, as well as issuing alerts and warnings.
• supervising cybersecurity incident management activities within the insurance industry, including review of response effectiveness.
• Coordinating cybersecurity analysis and forensic investigations.
• Supervising compliance with approved cybersecurity systems and Critical Infrastructure Protection (CIP) requirements by regulated entities.
• Ensuring quality assurance of the Insurance Industry Cybersecurity Operations Centre.
• Reviewing and disseminating of insurance industry cybersecurity posture reports,
• Coordinating cybersecurity advocacy, awareness, and capacity building in the insurance industry,
• Reviewing effectiveness of cybersecurity systems.
• Reviewing backup schedules of cybersecurity monitoring and management systems.
• Liaising with other SOCs, and industry stakeholders on matters of Cybersecurity monitoring and management.
• Reviewing specifications for acquisition of cyber security systems.
• Coordinating implementation of cyber-security systems.
• Coordinating implementation of the Critical Infrastructure Protection (CPI) framework.
• Developing, implementing and reviewing Computer Incident Response (CIR) Manual and Standard Operating Manual.
• Coordinating the development, monitoring implementation and regular review of the insurance industry Cybersecurity Policies.
• Conducting partnerships and collaboration with cyber security stakeholders locally, regionally, and globally.

Person Specifications

For appointment to this grade, candidate must have: -

• Six (6) years cumulative relevant work experience, three (3) years of which should have been at the grade of Senior Cybersecurity Officer or in a comparable and relevant position.
• Bachelor’s degree in any of the following: Electrical Engineering, information technology, information systems security, software engineering, or equivalent qualification from a recognized institution.
• Master’s degree in any of the following: Electrical Engineering, information technology, information systems security, software engineering, or equivalent qualification from a recognized institution.
• Professional qualifications in any of the following:
  • Cisco Certified Network Associate (CCNA);
  • Certified Information Systems Auditor (CISA);
  • Certified Information Security Manager (CISM);
  • Certified Information Systems Security Professional (CISSP);
  • Certified Ethical Hacker (CEH);
  • Any other equivalent qualification from a recognized institution.
• Management Course lasting not less than four (4) weeks from a recognized institution.
• Membership to a relevant professional body where applicable and in good standing.

Competencies and skills

• Communication skills
• Interpersonal skills
• Analytical skills
• Report writing skills
• Presentation skills
• Conflict management skills
• Negotiation skills