Zambia National Commercial Bank (ZANACO)
Zambia National Commercial Bank (ZANACO)
Posted Job
about 4 years ago

Information Security Risk Specialist (X1)

This listings application deadline has expired so it is probably out of date

View all jobs →

Zambia National Commercial Bank Plc (Zanaco) is inviting applications from suitably qualified and experienced individuals for the following job aimed at contributing to the Bank’s strategic vision, in the Risk Division under the Integrated Risk Management Department to be based at Head Office: –

Job Purpose

o To ensure preservation of availability, integrity and confidentiality of the Bank’s Information systems to ensure maximum business value at minimal information security risk.

Under the supervision of the Information Security Risk Head, the following are among the Key Job Responsibilities: –

o Conduct testing of Web and Applications security controls, Network security controls, Database security controls, Operating Systems security controls, Data Privacy controls and Data Loss Prevention controls in line with the Vulnerability Management Program and the Information Security Management Systems (ISMS).

o Engage the IT Security Operations team on all Information Security Risks as a result of internal and external penetration assessments as well as vulnerability assessments and coordinate mitigation of identified risks.

o Investigate cyberattacks, intrusion incidents, conduct forensic investigations and monitor incident responses in line with Vulnerability Management Program and the Information Security Management Systems (ISMS).

o Design controls to ensure implementation of adequate data privacy controls and policies; data loss prevention controls and policies; and access management controls and policies of all information systems owned by the Bank in line with business needs and AIC classification.

o Engage the IT Security Operations team to ensure data privacy controls, data loss prevention controls and access management controls are operating effectively in line with business needs and AIC classification.

o Benchmark and evaluate current information security technologies against industry practices to enhance information security capabilities of the Bank.

o Develop and implement information security awareness programs targeted at both Zanaco users and external customers.

o Develop and implement the policies and procedures and controls for PKI and Digital Signatures in line with Business needs.

o Ensure that the Bank attains and maintain the PCI DSS and ISO 27000 certifications.

o To perform analysis of logs to ensure that risks are timely identified and response plans implemented.

o Contribute to the Governance Risk and Compliance Committee (GRC).

o Perform any other duties and tasks as may be assigned by management.

Internal/External Contact

o External: ZICTA, BAZ, security vendors and other regulatory bodies

o Internal: All Divisions

Qualifications And Experience

o Grade 12 certificate with a minimum of 5 credits, of which English and Mathematics are mandatory.

o University Degree in Engineering, Electronics, Telecommunications Engineering or Computer Science.

o Certifications: CISM, CRISC, CISA, CEH, CISSP, SCP, CISMP, ISO 270001/2, COBIT 5, PCI DSS or related Information Risk Certification.

o Member of ISACA and/or ICTSZ.

o At least five (5) years’ experience in Information Security, Risk Management or a similar role.

o Must have knowledge of Security Information and Events Management (SIEM).

o Must be conversant with Data Centre security operations.

o Strong knowledge of Information Risk Management and Analytics.

o Strong knowledge of ISO 27000 and PCI DSS standards.

o Good Banking Information Systems knowledge.

o Good knowledge of integration software and electronic funds transfer.

o Banking/Financial services knowledge.

Job Core Competencies

o Highly developed Interpersonal skills, able to engage with external and internal customers

o Good analytical/ financial skills

o Self-starter

o Networking

o Planning and organizing

o Optimizing for the accomplishment of tasks

o Drive results

o Effective time management

How to Apply

All applications must have an application/cover letter and detailed curriculum vitae indicating the position being applied for in the subject line and should be sent by email to:

Application deadline
30 Apr
Zambia National Commercial Bank (ZANACO) image
Zambia National Commercial Bank (ZANACO)
Personal banking
Agribusines and SME business banking
Corporate finance
Electronic payment systems
Zambia National Commercial Bank, commonly known as ZANACO provides personal and business banking, corporate finance, Visa payment systems, investment and loan facilities. ZANACO is the largest financial services provider in Zambia. ZANACO has partnered with Zampost to allow customers to deposit and withdraw funds from their accounts from anywhere in Zambia. The bank has a special interest in agribusiness and small and medium enterprises, offering SMEs payroll solutions.