Standard Bank Head, Information Security Jobs in Uganda

Standard Bank Head, Information Security Jobs in Uganda


Job Purpose

  • To transpose business or functional strategy into operational targets and plans. To provide operational direction for business unit, product or function at a regional or country level and interpret strategy to deliver effectively at a unit level.

  • To drive and support the bank's Information Security initiatives, the associated decision making, planning and implementation to monitor and protect sensitive data and systems from infiltration or misuse.

    Key Responsibilites

    Strategy

  • Stay abreast of the external threat landscape and identify appropriate risk mitigation strategies.

  • Develop the Information Security strategy as an enablement factor for the Group IT strategy.

  • Track digital SBG trends and identify new emerging Information Security technologies and investment opportunities so that they may be applied in Information Security.

  • Act as a trusted adviser for Information Security technology across the Group and
    stakeholders, making sensible trade-off decisions to ensure success.

  • Provide insight into the drafting and updating of policies, ensuring that the required ways of work pertaining to the specific business unit are well-informed.

  • Identify long term plans to promote the business area's mandate and to ensure its alignment to the organisational strategy.

  • Monitor and maintain adherence to both the Group Enterprise IT, and the Information
    Security strategy so that a single organisational imperative is realised.

  • Align Information Security strategy to the Group IT strategy and identify the requirements to fulfill the strategy.

    People

  • Identify key performance metrics against which individual performance will be measured, and
    opportunities to develop skills identified.

  • Review workforce and headcount plans for the team including requests for headcount changes, ensuring that the requests are aligned to capacity requirements for objective attainment.

  • Analyse and understand the needs and concerns of all stakeholders, and understand what is necessary to maintain their support.

  • Develop an innovative plans for stakeholder communication, so as to facilitate the transfer of
    key information without negatively impacting on productivity and business relationships.

  • Maintain relationships with stakeholders by involving them in business discussions and
    decisions, where appropriate, and keeping them informed of business developments.

  • Develop and manage relationships with key external stakeholders relevant to the business
    and external regulatory bodies so that pertinent business networks and connections may be
    relied upon.

  • Analyse management and technical development needs of team members so that the training budgeting process may be adequately informed.

  • Monitor the implementation of the performance process in the team and apply it rigorously to
    direct reports so that employee development is aligned to performance policy.

  • Identify primary and secondary stakeholders critical to the success of Information Security
    operations so that engagement plans may be customised accordingly.

  • Align Information Security people strategy to the Group people strategy and identify the
    requirements to fulfill the strategy.

  • Identify information security succession and skills development strategies, priorities and risks, fulfill requirements with the support human capital.

    Technology & Architecture

  • Participate in post incident
    analysis, identify control weaknesses and include remediations in planning and scoping activities.

  • Engage all stakeholders in problem solving and solution engineering, to optimise problem
    identification and mitigation.

  • Identify projects for quarter, conceive initial designs and allocate work according to team capability.

  • Maintain and review service levels as agreed with service consumers to ensure optimum service delivery.

  • Identify security maturity scores, update when appropriate and implement throughout the
    organisation for continual awareness and prioritisation efforts and monitor compliance to
    management directives.

  • Review effectiveness and quality of performance of the reporting teams, against
    pre-identified standards and identify improvements that need to be implemented going forward.

  • Report on all Information Security/ Cyber risks (including mitigation efforts), as identified, for the required committees, boards and Group.

  • Design, engineer, plan, implement, and support Information Security solutions by working
    with projects and business areas from initial design through build and test, as required.

  • Engage all appropriate stakeholders during incident response processes to enable decision
    making and remediation activities, manage response efforts.

  • Plan and forecast Information Security specific projects/ requirements over the 1-3 year
    horizon, balancing risk and reward, prioritising and identifying the appropriate engagements and stakeholders to ensure success, while maintaining compliance to external regulations.

  • Define and identify organisation risk capabilities to be delivered by team, in order to
    operationalise risk mitigation strategies.

  • Adhere to and implement the relevant Information Security technology standards developed by the wider IT Function.

    Financial Management

  • Act as the custodian for Information Security costs.

  • Adhere to and enhance and/ or add to Group minimum standards for vendor selection and select the most appropriate vendor with required expertise.

  • Motivate and own the operational budget for the function and determine the utilisation of the
    budget for Information Security, while monitoring costs and measuring value against projected budget.

  • Monitor and manage financial management applications.

  • Continue to assess cost and benefit of controls and discontinue products or processes where cost exceeds the benefit.

  • Consider financial needs of the business area, develop and submit budgets and efficiency
    targets for Group Information Security.

  • Strive to influence a continual reduction in costs within the areas under control, ensuring that quality is not compromised for cost savings.

  • Set shape and targets for Group Information Security based on the wider IT strategy.

    Qualifications

  • First Degree in Information Security.

  • CISSPS/CISM professional membership.

    How to Apply

  • For more information and job application details, see; Standard Bank Head, Information Security Jobs in Uganda


    Find jobs in Uganda. Jobs - Uganda jobs. Search our career portal & find the latest Ugandan job positions, career opportunities & jobs in Uganda.

    Jobs in Uganda - banking jobs, IT jobs, accounting jobs, NGO jobs, business administration, ICT, UN jobs, procurement jobs, education jobs, hospital jobs, human resources jobs, engineering, teaching jobs, and other careers in Uganda.

    Find your dream job from 1000s of vacancies in Uganda posted and updated daily - click here!

  • Click here to post comments

    Join in and write your own page! It's easy to do. How? Simply click here to return to Best Africa Jobs.