The Information Security Officer will ensure that MainOne Information Security Management systems are up to date and fully operational, thus maintaining and enhancing customer trust. The job holder will participate actively in security audits, risk analysis, vulnerability testing and security reviews in MainOne with a particular focus on the MDXi.
Other responsibilities include:
- Track the ISMS Calendar- to ensure all activities are up to date with requisite evidence as detailed by the ISMS Manager.
- Manage the requirements of all information security certification programs and Compliance efforts (e.g., PCI-DSS certification, ISO27001:2013 standard, SOC 2 Audit Assessment, and Data Protection requirements.)
- Ensure the effective review of all Information security alerts and notifications in line with IS Policy.
- Support the delivery of internal Information Security training and general Information security awareness.
- Manage the information security (IS) incident handling and response procedure as may be assigned by the ISMS Manager or Security specialists.
- Manage the Vulnerability Assessment (VAPT) program and Penetration Testing programs for MainOne entities.
- Provide backup support to the IP security specialists in tier 2 and tier 3 security operations to secure the MainOne network by enforcing policies, defining and monitoring access.
Qualifications, Skills & Competencies
- Strong written and verbal skills.
- At least 5 years experience in managing information security programs and 1 year of technical experience in information systems, networks, and/or application security.
- Certification in CCNA, CISSP, CISA, CEH, PECB ISO 27001:2013 Lead Implementer will be an added advantage.
- Strong understanding of a process-driven environment.
- Good understanding of the requirements of ISO 27001 standard, PCI DSS Certification, and SOC 2 audit Criteria.
- Strong analytical, problem-solving, and critical thinking skills in analyzing incidents in the cyber security landscape.
- Candidates working with: Cisco Routers & Switches, operating systems, (e.g. Windows and/or Linux), HR Approved Copy Network Administration, and TCP/IP will have an advantage
- Experience working with: Systems security, Network security, Firewalls, IDS / IPS, vulnerability assessments, incident response.
- General Knowledge of network routing and security protocols and implementations: TCP/IP, SSL, IPSEC VPN, SSL VPN, and VLANs are required.
Demands of the Job
- Availability to work extra hours in times of emergency and specialized project deliverables.
- Ability to understand and manage the pressure of 24×7 security surveillance in a fast-driven environment.
- Ability to work both independently and as part of a team to diagnose, troubleshoot, and resolve Information security incidents, problems and issues.