Mission/ Core purpose of the Job
The role is dedicated to developing robust security frameworks, ensuring global regulatory compliance, and managing a high-performing team to maintain data integrity and stakeholder trust. They ensure compliance with global standards and regulations, mitigate risks, and maintain the trust of stakeholders.
Responsibilities
Main Job Functions:
Operational:
Implement and manage cybersecurity policies, procedures, and controls to safeguard the organization’s digital assets.
Oversee day-to-day cybersecurity operations, including incident response, threat detection, and vulnerability management.
Monitor and analyze security events and incidents, ensuring timely response and resolution to mitigate risks.
Conduct regular cybersecurity assessments and audits to identify weaknesses and ensure compliance with standards and regulations.
Manage relationships with external cybersecurity vendors and service providers, ensuring effective collaboration and service delivery.
Monitor the performance of managed service providers (MSPs) against agreed-upon service level agreements (SLAs) and key performance indicators (KPIs), ensuring adherence to contractual obligations.
Â
Tactical:
Develop and execute cybersecurity training and awareness programs for employees to enhance security awareness and compliance.
Implement security controls and technologies to protect against emerging cyber threats and vulnerabilities.
Collaborate with cross-functional teams to integrate cybersecurity into the organization’s systems and processes.
Lead the investigation and response to security incidents, coordinating with internal and external stakeholders for effective resolution.
Develop and maintain incident response plans and procedures to minimize the impact of security breaches.
Conduct regular reviews and assessments of MSP performance, identifying areas for improvement and implementing corrective actions as necessary.
Â
Strategic:
Develop and implement a comprehensive cybersecurity strategy aligned with business objectives and risk management priorities.
Identify emerging cybersecurity trends and technologies to enhance the organization’s security posture.
Drive continuous improvement initiatives to strengthen cybersecurity controls and practices.
Provide strategic guidance and recommendations to senior leadership on cybersecurity investments and priorities.
Engage with industry forums and regulatory bodies to stay informed about evolving cybersecurity threats and best practices.
Develop strategic partnerships with MSPs to enhance cybersecurity capabilities and support organizational growth objectives.
Â
Financial Planning:
Develop and manage the cybersecurity budget, ensuring cost-effective allocation of resources to address key priorities and initiatives.
Evaluate cybersecurity investments and expenditures to ensure alignment with organizational goals and objectives.
Identify opportunities for cost savings and efficiencies in cybersecurity operations and technologies.
Track and report on cybersecurity-related expenses and ROI to demonstrate value to stakeholders.
Collaborate with finance and procurement teams to negotiate contracts and agreements with cybersecurity vendors and service providers.
Monitor and manage the financial performance of MSPs, ensuring that contracted services are delivered within budget and in line with agreed-upon terms.
Â
Other Relevant Key Performance Areas:
Regulatory Compliance: Ensure compliance with global cybersecurity standards and regulations, including GDPR, PCI DSS, and other relevant mandates.
Risk Management: Identify and assess cybersecurity risks, develop risk mitigation strategies, and monitor risk levels to minimize organizational exposure.
Stakeholder Engagement: Build and maintain strong relationships with internal and external stakeholders, providing regular updates and communication on cybersecurity matters.
Innovation and Research: Stay abreast of emerging cybersecurity technologies and best practices, conducting research and pilot projects to assess their applicability and effectiveness within the organization.
Incident Management: Lead the organization’s response to cybersecurity incidents, coordinating with internal teams and external partners to contain and remediate breaches effectively.
Supervisory / Leadership / Managerial Tasks:
Has responsibilities for directing, guiding, motivating and influencing others. This is inclusive of ;
Set clear directions, goals and objectives for direct reports and team
Monitor progress and maintain progress and maintain motivation.
Manage performance of team
Manage Staff career discussions, training and development and ensure necessary actions/ interventions are put in place
Create an enabling environment and culture for team to perform
Involvement in the process of hiring talent
Â
IT Security Responsibilities/ Tasks:
Comply with all Information Security Policies and related documents
Report security weakness/incidents to either the respective head of department or the Enterprise Information Security Manager
Must not exploit known security weaknesses.
Participate in all forms of Information Security Awareness
Promote Continual improvement of Information Security
Monitor compliance to the information security management system requirements by the Teams
Communicate the importance of effective information security management to your teams
Direct and support team/s to contribute to the effectiveness of the information security management system
Qualifications
Education:
A Bachelor’s degree in information security, Cybersecurity, Computer Science, Information Systems, Information Technology, Business Administration, or a related field (Master’s degree is advantageous).
Industry-recognized certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), ISO 27001 Lead Auditor/Implementer, Certified Ethical Hacker (CEH), CompTIA Security+, AWS Certified Security Specialty, or equivalent cloud security certifications.
Experience:
8 years of experience in information security, with at least 3 years in a leadership or management role focused on security governance, risk management, and compliance.
Experience in the Financial Services or Fintech sector is advantageous
Worked across diverse cultures and geographies
Pan Africa multi-cultural experience is advantageous
Experience working with security frameworks such as NIST, ISO 27001, and risk management methodologies.
Proven experience in leading security policy development, governance, and compliance initiatives.
Proven experience leading incident response and managing complex security events.
Competencies:
Technical Proficiency:
Strong understanding of financial principles and experience in budgeting processes related to cybersecurity initiatives.
Familiarity with regulatory requirements and compliance standards in the fintech industry, such as GDPR, PCI DSS, HIPAA, etc.
Excellent communication, leadership, and decision-making skills, with the ability to effectively communicate complex cybersecurity concepts to both technical and non-technical stakeholders.
Ability to adapt to changing business needs and lead cybersecurity teams in a fast-paced and dynamic environment, while maintaining a focus on risk management and organizational security posture
Risk Management: Proficiency in identifying, assessing, and mitigating cybersecurity risks to protect the organization’s assets and operations.
Technical Expertise: In-depth knowledge of cybersecurity principles, technologies, and methodologies, including threat detection, incident response, encryption, and access controls.
Familiarity with security technologies such as firewalls, encryption, DLP, SIEM, identity and access management systems (IAM), and cloud security.
Understanding of IT infrastructures, systems, and networks from a security and governance perspective.
Â
Skills/Physical Competencies
Self-starter and ability to keep up in a fast-paced environment while meeting deadlines
Naturally curious and have a passion to ideate and advance innovation of digital products
Must be detail-oriented and have good organization skills
Maturity, professionalism and good conflict management
Very good at presenting advanced insights in a simple language for senior leaders
Interpersonal Skills – Leadership, customer centricity, collaborative and coaches & develops direct reports
Personal Skills – Trustworthy, integrity in dealings
Operating Skills – Ability to focus on priorities and plans, manages and monitors work effectively
Organisational Positioning Skills – Good written and verbal communication, presentation Skills, commitment to the organization
Global thinker, analytical thinking, critical thinking, and problem-solving abilities
Technology Savvy & adoptable to change
Functional Knowledge
Business Acumen
Analytics and Interpretation
Strategic Thinking
Organizational Agility
Digital mind-set
Dealing with ambiguity and complexity
Decision Making
Conflict Management
Negotiation
Financial and Numerical
Project Management
People Management
Executive Presentation
Behavioral Qualities
Adaptable
Respect
Culturally aware
Emotional Maturity
Innovation
Integrity
Leadership
Team Player
NB: Presentation of false academic documents and certification will lead to criminal prosecution. Any form of canvassing will lead to automatic disqualification. Should you not hear from us within fourteen (14) days from the closing date of this advertisement, you may consider your application to be unsuccessful.
Female candidates are strongly encour
