To lead the implementation of Enterprise Information Security Policy (EISP) which involves to coordinate
policy rollout, monitor compliance, and provide essential support, ensuring the effective integration of
the new security framework across the Bank. The EISP encompasses 15 distinct domains, including a
new component focused on Privacy, in addition to the existing principles of Confidentiality, Integrity,
and Availability (CIA).
- Risk reporting: Report and provide risk assurance to senior management and Board.
- Provide risk assurance to senior management and the Board, including findings from thematic reviews.
- Continuously monitor the environment to identify, assess, and escalate emerging and existing risks, along with proposed solutions
- Risk governance, framework and policies: Develop, maintain and ensure effective implementation of risk frameworks and policies.
- Review and refine the Bank’s information security policies to protect critical information assets. Ensure the effective implementation of information security risk frameworks and policies.
- Assess and update the Bank’s risk appetite statement as needed, ensuring continuous monitoring for potential breaches, with escalation to management when necessary.
- Track potential threats and vulnerabilities using information security risk metric.
- Risk culture and outreach: Promote the development of risk knowledge among staff to build a strong risk management culture.
- Collaborate with the awareness team to promote a strong risk culture on information security in the Bank.
- Enhance staff knowledge and awareness of information security risks
- Risk tools and processes: Develop, maintain and ensure effective implementation of tools and processes.
- Provide independent assessments of data entered by 40 departments for Information Asset Profiling (IAP).
- Ensure accurate and complete data for information security incidents in IRAISE.
- Ensure clean and accurate data from the existing IAPs of 40 departments isposted in the GRC system.
- Risk analysis and advisory: Provide an independent technical and advisory view of related risks, from an enterprise perspective with the objective of adding value, strengthening, and improving the Bank’s operations through risk mitigation proposals to various risk committees in a timely and effective manner.
- Provide an independent advisory input to enhance risk mitigation efforts and improve Bank operations.
- Conduct thematic reviews on information security risks and provide recommendations as needed
Qualifications
- Academic Qualifications:
- Degree in Information Technology, Economics, Accounting, Finance, Mathematics, Statistics, Law, Engineering, Business Studies etc.
- Post-graduate degree or professional certification in Risk Management (RM) and/or Business Continuity Management (BCM) is an added advantage.
- Experience:
- Preferably minimum four years in the Bank or industry experience i.e. Business Continuity or Information Technology
Skills Required
- Degree in Information Technology, Economics, Accounting, Finance, Mathematics, Statistics, Law, Engineering, Business Studies or related field
- Post-graduate degree or professional certification in Risk Management (RM) and/or Business Continuity Management (BCM)
- Minimum four years' experience in banking or industry (Business Continuity or Information Technology)
What We Do
KGP Services is a leading network services provider and trusted partner to customers who build, own, and operate high-speed fiber, wireless, and cloud networks across North America. We combine complete end-to-end capabilities with a customer-first culture to provide custom services including design, engineering, installation, integration, and maintenance for all technologies. Through our new partnership with Circet, Europe’s largest network services provider, KGP Services is positioned for greater scale and expansion to help customers meet the fast-growing demand for high-speed connectivity.
.jpeg)
