Head, Cyber Security
Job Details
Full Job Description
JOB PURPOSE
This role is an executive-level manager within
the Group Technology function and is responsible for ensuring
and
maintaining a strong cyber security posture across the
organization.
The individual will direct the cyber security
strategy, implementation, operations, and the budget for
the
protection of the enterprise information assets and manage
that program. The scope of responsibility will
encompass data,
networks, communications, applications, infrastructure, database,
endpoints, and identities
and all related assets
JOB
CONTEXT
The Group Head of Cyber Security reports to the Group
Chief Information Officer and oversees key staff
working to
identify and safeguard the Group’s Information and related assets from
intrusion, security threats,
security weaknesses, software bugs
and exploits and is responsible for both staff and the
management
processes of keeping the organization secure from
financial, data and reputational loss.
The role will be
responsible for the strategic leadership of the cyber security program
and will combine
technical and managerial experience with great
problem solving and analytical skills and be a
detail-oriented
leader who can build and grow a diverse team of
high performing technical backgrounds. He/She understands
how to
utilize solutions and techniques to identify security vulnerabilities
and threats within information
technology landscape and develop
solutions to mitigate those vulnerabilities and threats across
multinationally
distributed systems.
The following teams will
be directly reporting to this role to achieve this responsibility,
Security and
Engineering, Security Business Architecture,
Vulnerability and Patch Management and Security
Operations
Center.
KEY RESPONSIBILITIES
• Provides the
vision, leadership and direction required to develop and execute the
group's cyber
security strategy and roadmap to always maintain a
healthy cyber security posture.
• Define and deliver key cyber
security initiatives that delivers business value to the organization
JOB DESCRIPTION
• Develop and manage a cyber security risk
management program including participation in broader
risk
management activities for the organization and the development,
evaluation, and compliance
to multiple areas of practice such as
vulnerability management, identity and access management,
cloud
security, Cyber Security operations, security architecture,
engineering, and incident
response.
• Provide strategic inputs
into financial planning
• Constantly update the cyber security
strategy to leverage new technology and threat information.
•
Brief the executive team on status of the cybersecurity program and
risks.
• Maintain a current understanding the IT threat landscape
for the industry.
• Leads the investigations after breaches or
incidents, including impact analysis and
recommendations for
avoiding similar vulnerabilities.
• Identify regulatory,
legislative, and industry specific compliance requirements and define
controls
that can be used ensure compliance on an ongoing basis.
Translate that knowledge to
identification of risks and actionable
plans to protect the business.
• Develop cyber security compliance
strategy and approach in consultation with the various
technology
teams, CIOs, and business stakeholders
• Coordinates with the Risk
Management, Technology Operations, and Internal Controls for
IT
General Controls (ITGC) validation
• Examine impacts of new
technologies on the overall cyber security posture
• Direct the
design, engineering and implementation and operations of security
systems.
• Certify the designs and implementations of business and
technical solutions from a security
perspective.
• Direct
identity and access management program.
• Direct and oversee
identity and access management.
• Schedule periodic cyber security
self-assessments, capability maturity review exercises
and
enterprise-wide vulnerability assessments to ascertain that
new gaps are quickly identified and
remediated.
• Make sure
that cyber security policies and procedures are communicated to all
personnel and that
compliance is enforced.
• Leverage
technical depth and broader business understanding to coach and
develop the technical
leaders on the team
• Oversee high risk
initiatives and serve as a point of escalation for
remediation/mitigation efforts
• Manage all teams, employees,
contractors and vendors involved in delivering cyber
security,
which may include hiring;
• Provide training and
mentoring to members of the cyber security team
• Set and monitor
job descriptions and objectives for direct reports and provide
feedback and
rewards in line with their performance against those
responsibilities and objectives.
JOB PROFILE
Experience &
Qualifications
Bachelor's degree in Computer Science, Management
Information Systems, Information
Security, Information Technology,
or related field preferred. (A Master’s degree in similar
areas is
a plus)
10+ years of working experience information technology
management, information security
management, design/architecture
and implementation and IT operations.
Knowledge of
Information Security / Risk Management best practices and
regulatory
environment.
Prior experience with security
policy, standards, and controls definition including ITGCs.
Demonstrable experience working closely with IT and executive
leadership and staff to
develop plans and roadmaps to create a
proactive information security environment.
Ability to
collaboratively develop a risk strategy in conjunction with
stakeholders
Demonstrated knowledge of industry authoritative
frameworks such as PCI-DSS, COBIT,
NIST, and ISO standards.
Experience (not required) working with a QSA and overseeing PCI
compliance program
Proven project management skills.
Desirable Security certifications: CISSP,CCSP, CCISO, CISM and/or CISA
or working towards
any of the specified
certifications.
Skills, Capabilities & Direct attributes
Strong interpersonal skills and excellent listening skills are
required.
Strong organizational skills
Strong analytical
thinking, written, and oral communication and presentation
skills
Advanced problem-solving skills and the ability to work
collaboratively with others to
resolve complex issues with
innovative solutions.
Must have the ability to influence others
and work at all management levels across the
organizational
structure
High level of personal integrity and the ability to
handle confidential matters with proper
judgment
Proven
leadership skills, team-orientation, and a proactive and optimistic
management
style.
Must have a good attention to detail
skills and a capacity to interact, escalate to and
influence
senior managers and customers
Must have a good working knowledge
of the use of productivity tools
Ability to work on many tasks
simultaneously in a high-pressure environment
Strong awareness
of the technical and business environment
Experience working in
an international/global organization
Head, Cyber Security
eProcess Ghana
All Direct Job Ads are subject to WhatJobs Terms of Service. We allow users to flag postings that may be in violation of those terms. Job Ads may also be flagged by WhatJobs. However, no moderation system is perfect, and flagging a posting does not ensure that it will be removed.