CA Global - Our client, African Export-Import Bank (Afreximbank) is a pan-African Multilateral Financial institution established in 1993, for the purposes of financing and promoting intra and extra African trade.
The Bank is currently hiring the below position based at their Headquarters in Cairo Egypt:
Job Title: Manager, IT Services (Information Security & Risk)
Reference : SMF 33021
Location: Cairo, Egypt
Job Type: Full Time
Job Descriptions
- The objective of the function is to provide appropriate access to and protect the confidentiality and integrity of customer, employee, and business information in compliance with organization policies/standards and business objectives of Afreximbank.
Responsibilities
Risk Management:
- Maintain a risk management framework.
- Perform risk assessments on resources and projects to be protected.
- Perform vulnerability assessments to evaluate the effectiveness of existing controls.
- Report significant changes in risk to management on both a periodic and event-driven basis.
- Maintain and monitor a risk action plan.
- Update security standards and guidelines / procedures with results of risk assessments.
Information Security Governance:
- Ensure a framework for information security governance and IT control.
- Update and advise top management on security direction and issues.
- Review current and potential legal and regulatory issues affecting information security and assess their impact on Afreximbank
- Avail technical information about security systems and ongoing programs in the information security arena and especially as applied to financial organisations.
- Provide technical security expertise to IT staff to ensure that the requisite level of security is implemented in all information assets.
Information Security Policies:
- Leads the preparation and implementation of necessary information security policies, standards, procedures and guidelines
- Maintain and review information security policies that support business goals and objectives, and are consistent with applicable laws and regulations.
- Maintain standards, procedures and guidelines that support information security policies, and ensure business processes and IT infrastructure activities address information security risks.
- Maintain documentation of all information systems security and change management processes.
Information Security:
- Oversee and direct information security activities in line with the information security operations and programme / framework.
- Monitor and report on the effectiveness and efficiency of information security controls and the compliance with information security policies.
- Manage security plans and control techniques covering banking applications and supporting networks.
- Maintain access rules and exercise adequate control over the administration of user ID’s.
- Review and monitor change management procedures on all system changes, systems configuration changes and application of security patches to ensure that information security is not compromised.
- Perform system audit checks including pre-implementation and post-implementation of projects.
- Monitor and review operations logs and event console activity to identify potential security related events, and investigate all anomalies.
- Manage system compliance to identified achievement targets for end points (antivirus, patches, threats, etc).
Information Security Awareness:
- Lead and facilitate internal training and awareness of IT security policies, controls and best practices, as well as the impact of non-adherence in order to:
- Contribute to the implementation of IT governance;
- Promote accountability by business process owners and other stakeholders in managing information security risks.
Audit and Compliance:
- Ensure periodic IT audits / assessments to confirm that:
- The rules of use for information systems comply with the enterprise’s information security policies
- The administrative procedures for information systems comply with Afreximbank information security policies
- Change control management principles are adhered to
- Software inventory licensing is adhered to across all systems
- Services provided by other organisations, including outsourced providers, are consistent with established information security policies and
- Non-compliance issues and other variances are resolved in a timely manner.
- Conduct regular audits on IS facilities to ensure compliance to security policy, standards and guidelines / procedures.
- Work closely with the Risk department, as well as the Internal Auditor, and respond to all external and internal audit issues raised.
Incident and Response Management (IT Disaster Recovery):
- Lead activities relating to contingency planning, business continuity management and IT disaster recovery in conjunction with relevant functions and third parties
- Review response and recovery plans that include organising, training and equipping the teams.
- Periodically test the response and recovery plans, where appropriate.
- Ensure the execution of response and recovery plans, as required.
- Manage post-event reviews to identify causes and corrective actions.
- Any other duties as may be assigned by management.
Requirements
Qualifications and Skills:
- Bachelor’s degree in Computer Science, Information Technology or other relevant degree from a recognized University, a Master’s degree in a relevant field or a recognized professional qualification in lieu
- Minimum of 8 years’ experience as a Senior Business Analyst in a modern international ICT environment preferably an international bank
- Working knowledge of Project Management, Business Analysis, Requirement and functional specification
- Demonstrated expertise in all aspects of banking solution
- Demonstrated expertise in Solution architecture and system development life cycle
- Working knowledge of system testing
- Ability to map business processes and develop functional specification
- Implementation experience of ERP Software (Oracle, SAP, Peoplesoft) very desirable
- Knowledge of VB Scripting desirable
- Excellent verbal and written communication skills in English. Knowledge of the Bank’s other working languages is an added advantage (French, Arabic and Portuguese).
Contractual Information:
- Permanent
- Willing and able to relocate to Cairo
- Suitably qualified candidates from all African nationalities are encouraged to apply
- Tax-free salaries paid in USD
Application Closing Date
31st May, 2016.
How to Apply
Interested and qualified candidates should:
Click here to apply online
Or
Send their CV's to
Sharon Mhambi at:
[email protected]
Note: CA Global will respond to short-listed candidates only. If you have not had any response in two weeks, please consider your application unsuccessful however your CV will be kept on our database for any other suitable positions.