The Incumbent will be responsible to the Information Systems Head
To develop, implement, test and review TelOne’s information security systems to protect information and prevent unauthorized access. Advice users and system developers on security measures, explain potential threats, install software, implement security measures and monitor networks.
Major Activities of the Job
- Coordinate development of TelOne Information Security Policies, Standards and Procedures and translate them into actionable security plans
- Understand, assess and manage security risks and specific security requirements; report findings and provide recommendations on how to effectively minimize ICT security risks to acceptable levels; assist formulating mitigation
- Formulate security procedures and guidelines to facilitate the achievement of ICT security objectives and coordinate their implementation with ICT operational
- Liaise with ICT members and other departments and ensure that all ICT agreements include documented security
- Plan and coordinate integration of security standards, processes and tools into day-to-day ICT operational activities including software development life-cycle, change management, and technical
- Assist development and implementation of Risk Assessment Program targeting Information security and privacy matters, recommend methods for vulnerability detection and remediation and oversee vulnerability
- Improve and maintain secure development
- Coordinate/perform application vulnerability assessments, code reviews, and assessment of SDLC
- Incorporate lessons learned into security awareness material and coordinate security awareness
- Ensure that new ICT systems, network, infrastructure, projects and resources are risk assessed and that risk mitigation plans are documented and implemented before the ICT deployment in
- Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
- Consolidate and report key security performance indicators obtained from IS and other operational
- Perform/participate in security risk assessments and formulation of risk mitigation plans of the underlying
- Consolidate and report key security performance indicators obtained from local ICT operational
- Keep abreast of developments in the field of ICT security and participate in the evaluation of new security solutions and
- Formulate security awareness material, and deliver training on ICT security topics.
Qualifications / Experience
- A Bachelor’s degree in Computer Science, Computer Engineering or an Information Security degree or closely related degree.
- Membership to a professional body will be an added advantage.
- Experience in developing and administering an information security program is desirable
- Minimum 2 years’ experience in ICT Security and ICT Risk Management, Information Technology or related field
- Demonstrated cumulative experience in performing risk assessments, vulnerability testing, developing mitigation strategies and incident response activities.
- Minimum 1-year work experience in application security
- Experience with ISO 2700 series of security standards and best-practise is desirable Experience with ITIL, OWASP and NIST frameworks is desirable
- Experience with infrastructure, network, database and web-application vulnerability scanning is desirable
- Good negotiation and communication skills. High level data analytical skills.
- Good presentation skills.
- Strong verbal and written communication skills.
- High level of attention to detail and interpersonal skills.
If you wish to be considered for the post above, please apply with detailed Curriculum Vitae in an envelope clearly marked “STAFF CONFIDENTIAL – APPLICATION FOR A VACANT POST” to the,
Human Resources Director, TelOne Private Limited, 107 Kwame Nkrumah, Runhare Building, or e-mail to firstname.lastname@example.org not later than 20 July 2016. Canvasing will disqualify