Group Information Security Risk Manager

II. JOB PURPOSE   
To provide highly skilled, specialist services to produce security risk management policies, framework inline with industry standards. This includes performing group wide-Enterprise risk assessment across affiliates. Building and maintaining consitentlife cycle of risk manangement methodology across affiliates, 3rd parties vendor assessment and group wide risk reporting. Conduct Security awareness programs on cyber threat and fraud techniques for Staff (Internal)and customers
(External).

III. PRINCIPAL ACCOUNTABILITIES   

•   Provide highly skilled, specialist services to produce security risk management policies, framework in line with industry standards.
•   Identify and Build required processes for risk identification, registration and tracking for final remediation.
•   Review current business processes and technological processes to ensure security requirements are embedded as part of business as usual activity.
•   To quantify identified risks and the associated impacts and ensure prioritization of risk remediation program.
•   Ensuring security compliance to industry mandated standard and regulatory requirements at all times through periodic assessment on information assets to minimize risk in eProcess and across affiliates.
•   Conduct training for in-country information security heads on security risk assessment methodology, 3rd party assessment and processes, policy waivers etc.
•   Develop and maintain an executive centralized risk dashboard for group, Regional and affiliates reporting for all medium to high risk. Heat Maps, Top Risk trend etc.
•   Reviewing the payment infrastructure technology infrastructure and identifying where critical gaps exist and recommend remediation actions.
•   Perform internal risk assessment based on Swift Customer security compliance yearly as part of payment systems.
•   Perform internal risk assessment based on ISO 27001 mandatory requirement standards yearly to ensure compliance and maintain certification.

 

IV. JOB CONTEXT   

Risk Management and Group Security Awareness

V. JOB DIMENSION   
▪   This role is based in Accra, Ghana.
▪   This role requires regular travel.

VI. JOB SKILLS/EXPERIENCE   
▪   Industry Certified Security Professional
▪   Relevant Security Experience, at least 5 years in Risk Assessment, Remediation and Compliance.
▪   Experience of Managing Projects
▪   Experience of Managing Team’s Performance
▪   Ability to work in a Multicultural Environment
▪   Proven track record of achieving results and managing teams.
▪   Ability to build rapport with VPs and Cluster/Regional Managers
▪   Constructively manage all stakeholders and break barriers
▪   Ability to build and lead effective and successful teams
▪   Analytical thinker combined with skills of thinking outside the box
▪   Ability to effectively use technology to leapfrog the competition
▪   Withstanding pressure without it having effect on efficiency or quality
▪   Open to change and ability to create and drive change
▪   Ability to deal with ambiguity and a changing environment
▪   Strong analytical and diagnostic skills