- Salary: Competitive Salary + Other Benefits
- Location: Sierra Leone
- Industry: Banking & Financial Services
Job Title: Chief Information Security Officer (CISO) - Sierra Leone
Industry: Banking
Location: Sierra Leone
Salary: Excellent Package + Salary
Job Purpose
- Serves as the subsidiaries’ process owner of all assurance activities related to the availability, integrity and confidentiality of customer, business partner, employee, and business information in compliance with the organization's information security policies.
- A key element of the CISO's role is working with the Group CISO and Executive Management of the subsidiary to determine acceptable levels of risk for the subsidiary in alignment with the overall risk appetite of the Bank.
Responsibilities:
- Implement and monitor the strategic, comprehensive information security and Cybersecurity management program
- Work directly with the Group office & other business units to facilitate risk assessment and risk management processes
- Effectively update approved policies for approval and ensure this is communicated to relevant stakeholders
- Write comprehensive reports including assessment-based findings, outcomes, and communications for further system security review.
- Provide leadership to the subsidiaries' information and cyber security team
- Partner with business stakeholders across the subsidiary to raise awareness of information and cybersecurity concerns.
- Monitor and troubleshoot security solution/infrastructure as it concerns your subsidiary.
- Work with available intelligence to identify threats to the environment and propose/implement controls to minimize risk of future events where appropriate or advised.
- Provide regular updates to the Group CISO and Executive Management team on status of the subsidiary’s risk posture and security program
- Collaborate with the Technology team to ensure that the subsidiary’s infrastructure stays protected from cyber threats and breaches
Key Performance Indicators (KPIs)
- Ensure all critical servers and applications are piped to the central SIEM
- Train staff to ensure the various levels of competencies required for a better security environment are achieved
- Carry out daily checks to ensure prized assets are not compromised. Regularly review checks to ensure they are in line with emerging threats
- Ensure zero loss due to cyberattack to subsidiary operational availability.
- Implement expedited remediation of vulnerabilities (internal & external) in line with established timelines
- Ensure security is embedded in all technology related projects as it concerns your subsidiary
- Maintain the ISO Management System certification for the subsidiary.
Skills / Competence Requirements
- Knowledge of common information security management frameworks, such as ISO/IEC 27001, NIST, and PCI DSS.
- Excellent written and verbal communication skills and high level of personal integrity
- Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams
- Specific experience in Agile (scaled) software development or other best in class development practices.
- Experience with Cloud computing and services
- Hands-on experience with incident and vulnerability management
Generic Skills
- Creative and takes initiative
- Strong relationship management and communication skills with the ability to work collaboratively with colleagues across a number of departments and services as well as external stakeholders.
- Strong problem-solving, analytical skills and ability to work under pressure.
Professional Requirements
- Qualification
- Professional Membership
- Minimum Experience