Key Responsibilities:
- Strategic Leadership:
- Develop and implement an overarching information security strategy aligned with the FirstBank’s business objectives.
- Provide guidance and expertise to the executive team and the Board of Directors within the Subsidiaries on information security matters.
- Security Governance and Compliance:
- Ensure compliance with all relevant regulatory requirements, including ISO 27001, PCI DSS, and other banking industry standards, while aligning subsidiary practices with group standards.
- Establish and maintain information security policies, standards, and procedures specific to the Subsidiaries.
- Risk Management:
- Identify and assess information security risks and vulnerabilities within the Subsidiaries, developing strategies for risk mitigation in collaboration with the Group CISO.
- Monitor emerging threats and vulnerabilities in the financial sector, focusing on subsidiary-specific concerns.
- Security Operations:
- Oversee day-to-day security operations within the Subsidiaries, including incident response, monitoring, and security incident management, in coordination with the Group CISO.
- Manage the deployment and maintenance of security technologies such as firewalls, intrusion detection systems, and encryption solutions, ensuring network security and device security.
- Security Governance:
- Develop and manage security governance practices, including policies, procedures, and standards to maintain a robust security posture within the Subsidiaries.
- Coordinate with Group CISO to ensure alignment with group-wide security governance initiatives.
- User Access Management:
- Implement and manage robust user access control mechanisms, ensuring that employees have appropriate access permissions.
- Enforce user access policies and conduct regular access reviews.
- Vendor Management:
- Evaluate and manage third-party security vendors and service providers, accounting for the specific needs of the Subsidiaries.
- Ensure that external partners adhere to security standards and requirements set by the Group CISO.
- Budget Management:
- Develop and manage the information security budget for the Subsidiaries, working in coordination with the Group CISO to ensure optimal allocation of resources.
Qualifications:
- Master’s degree or its equivalent in computer science, Information Security, or a related field (Master’s degree preferred).
- At least 7 years of experience in information security, with a minimum of 3 years in a leadership role.
- Proven experience in the banking or financial sector, with a deep understanding of regulatory requirements and industry standards.
- Industry certifications such as CISSP, CISM, or CISA are highly desirable.
- Strong leadership and communication skills, with the ability to collaborate with diverse teams and stakeholders.
- If you are a seasoned information security professional with a strong background in the banking industry and the skills to lead a comprehensive security program within our Subsidiaries division, we encourage you to apply for the CISO position at FirstBank Sierra Leone. Please submit your resume and a cover letter detailing your relevant experience and qualifications
