Senior Information Security and Governance Engineer (Harare)
Job Description
The Information Security Engineer will be responsible for overseeing and managing the organization's information security program to ensure the integrity, confidentiality, and availability of information assets. The Engineer will assist in the development and implementation of security policies, conduct risk assessments, monitor security systems, and respond to security incidents.
This role requires a deep understanding of both technical and administrative security controls.
Duties and Responsibilities
- Promote a culture of security awareness across the organization.
- Conduct regular risk assessments and audits to identify potential security threats and vulnerabilities.
- Develop strategies to mitigate identified risks and implement appropriate security measures.
- Ensure appropriate risk mitigation and control processes for security incidents as required.
- Document and disseminate information security policies, procedures, and guidelines to ensure compliance with all regulatory requirements.
- Coordinate a response to actual or suspected breaches in the confidentiality, integrity, or availability of information assets.
- Develop and maintain an incident response plan.
- Lead the response to security incidents, including investigation, containment, and recovery.
- Conduct post-incident analysis to identify root causes and improve future response.
- Participate in audits and assessments conducted by internal and external parties.
- Evaluate the security practices of third-party vendors and service providers.
- Ensure that third-party agreements include appropriate security provisions.
- Understand and report security risks and how they impact the confidentiality, integrity and availability of information assets.
- Research and propose IT security solutions.
- Maintains documentation relevant to area of responsibility.
- Ensures vulnerability management solutions are implemented.
- Responds and manages security related events and alerts.
- Manage and implement IAM systems and processes.
- Manages the ICT control environment.
Qualifications and Experience
- A degree in IT and appropriate technical qualifications plus 3 years’ experience in an IT environment.
- Relevant certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CEH (Certified Ethical Hacker), or equivalent.
- Bachelors Degree (B), Diploma (Dip).
Technical Skills:
- Proficiency in security technologies such as firewalls, IDS/IPS, SIEM, DLP, and encryption.
- Understanding of network security, application security, and cloud security.
- Familiarity with security frameworks and standards (e.g., ISO/IEC 27001, NIST, PCI-DSS).
- Skills: Analytical Thinking, Communication, Problem Solving, Project Management Basics, Results Oriented Leadership.
Experience:
- Appropriate technical qualifications plus 3 years’ experience in an IT environment
- Experience in developing and implementing security policies and procedures.
- Experience with risk management, compliance, and incident response.
Other
How to Apply
Click HERE To Apply
Deadline: 08 July 2024Generate a Whatsapp Message
Old Mutual Zimbabwe
Old Mutual is a premium African financial services organisation that offers a broad spectrum of financial solutions to retail and corporate customers across key market segments. The lines of business include Life and Savings, Property and Casualty, Asset Management and Banking and Lending.
Related Jobs
Information Security and Governance Engineer (Harare)
ICT Infrastructure And Support Officer (Harare)
ICT Specialist - Projects Coordination, Infrastructure & Support
