Hatton National Bank PLC
Job description
Role Accountabilities
• Implement strategic direction to Bank wide Information Security Governance function.
• Conduct periodic Information and Cyber security reviews and provide assistance with remediation.
• Ensure Data governance, Baselines Security Standards, Regulatory and Statutory compliance requirements and any other applicable standards/ frameworks are being followed and maintained.
• Obtain required certifications, attend relevant forums, keep up-to-date with information security trends and conduct research in order to develop new initiatives and to forecast threat predications. .
• Manage day to day tasks responsible for deliverables, including planning, creating and executing Information security plans.
• Security Governance and Risk Management Oversight and Reporting.
• Vendor and Third-party Risk Management.
• Develop and deliver comprehensive security awareness and training programs promoting a culture of information security awareness.
Educational Qualifications
• A Bachelor’s Degree in Computer science/Information Security/Cybersecurity or any other related field.
• Professional certification in two or more Information Security related disciplines such as, CISSP, CISM, CRISC, GIAC.
• Masters of Science in Information Technology or Cyber Security discipline would be an added advantage.
Relevant Experience
• Minimum 10 years’ experience in the field of IT out of which at least, 5 years in Information/ Cyber security and at least 3 years at a management level.
• Experience in similar capacity in a Banking environment.
Competencies
• In-depth knowledge of information security and privacy principles, frameworks, technologies, best practices and standards such as ISO/IEC 27001, ISO/IEC 27701, NIST, PCI-DSS, COBIT, etc.
• Hands on work experience in Information Security implementations.
• Good understanding of the Bank’s business operations, objectives and industry dynamics with the ability to align security initiatives with broader business strategies and demonstrate the value of security implementations.
• Capacity to stay abreast of emerging threats, technologies and industry trends, leveraging innovation and creativity to develop proactive security measures and adapt to evolving security risks.
• Proficiency in identifying, assessing and prioritizing information security risks, implementing effective controls and mitigation strategies to protect critical assets.
• A passion for technology and security safeguarding with desire to deliver.
• Excellent verbal and written communication skills to articulate complex security concepts, risks and solutions effectively to diverse stakeholders including senior leadership, technical teams and non-technical staff.