DIVISION : Corporate Services

REPORT TO : IT Manager

BSc (Hons) in Computer Science, Information Technology or related fields from a recognized institution or an alternative qualification acceptable to the Commission.
At least 8 years’ experience in Enterprise IT Environment including experience in implementation of Information Security Management System(s).
An international IT Security Certification (CISA/CISM/CISSP/CEH).

To develop and maintain the organisation’s information security policy and a supporting set of specific policies, ensuring appropriate authorisation, commitment and endorsement from management.
To communicate the information security policy to all appropriate parties.
To ensure that the information security policy is enforced and adhered to.
To identify and classify IT and information assets and the level of control and protection required.
To work in close collaboration with other Staff to implement controls.
To assist with business impact analysis.
To perform security risk assessment and risk management in conjunction with availability and IT service continuity management.
To design security controls and developing security plans.
To develop and document procedures for operating and maintaining security controls.
To monitor and manage all security breaches and handling security incidents, taking remedial action to prevent recurrence wherever possible.
To report, analyse and reduce the impact and volumes of all security incidents in conjunction with problem management.
To promote education and awareness of security.
To maintain a set of security controls and documentation, and regularly review and audit all security controls and procedures.

Note: The Information Security Analyst should be prepared to work outside normal office hours.

On Contract

An attractive package, commensurate with qualification and experience, to the successful candidate together with gratuity and other benefits.