The purpose of the Information security and Technology risk Management function is to bring the organization’s information security and technology risks under explicit management control. The role is in charge of providing line management and leadership for the
function and liaising closely with other managers across the business and in particular in Technology.
The position is responsible for assuring oversight on Information Risk by implementing a comprehensive program to assess and mitigate current and emerging risks that impact the integrity, availability, accountability and confidentiality of information assets and the information environment in accordance with compliance and regulatory requirements.

 Key accountabilities and decision ownership: 

• Review and ensure adequate policies are implemented to manage Information risk across the company.

• Provide guidance in the interpretations of current policies related to specific situations as they arise.

• Create awareness on the policies in place across the company.

• Contribute to and critique the development of Information management policies, standards, Guidelines and procedures across the company and the monitoring thereof.

• Conduct policy exception reviews

• Coordinate/facilitate enterprise information risk assessments at regular intervals to assess and track the health of information management across the company bi[1]annually.

• Follow up and ensure agreed upon action points are implemented effectively and on time.

• Perform ad-hoc risk assessments as per managements’ request.

• Offer guidance on security risks on emerging threats and advise the business accordingly.

• Develop and embed appropriate Information Risk awareness initiatives across the business.

• Extend the security awareness culture to the customers.

• Offer specialist guidance & advisory to other business units for timely assurance of key / special projects.

• Offer guidance on the planning, implementation, monitoring and review of ISMS.

• Provide and support the custodians of information security monitoring tools in defining and coming up with metrics for measuring the organizations defense effectiveness and preparedness.

 Must have technical / professional qualifications: 

• Degree in IT, Business Information Systems (or related technical field) from a recognized university

• At least 4 years proven working experience in operational management of Information Systems / Information Security / Information Systems Audit role, or proven experience in business process assurance and/or risk analysis preferably in a telecommunications environment.

• Detailed knowledge of GSM and IT Networks is essential. Desired

• Experience on IT risk management, IT audit or business continuity management.

• Excellent documentation, communication, and stakeholder engagement skills.

• Working experience in Telecommunication/ Technology/ IT security.

• Professional certification in information management (CISA, CISM or CISSP CIMP, CDMP, CRM).

 How to Apply:

If you feel that you are up to the challenge and possess the necessary qualification and experience, kindly proceed to update your candidate profile on the career portal and then Click on THIS LINK Remember to attach your resume.

The closing date for receiving applications is Tuesday, November 21, 2023.