Key Responsibilities
The following key activities are in scope for the ICT Assessment that would benchmark a bank’s IT against banking best practices and provide recommendations. The security assessment will include the following:
Security Vision, Risk view & Compliance Management Requirements Study relative to industry.
Study of Organizational Structure, Current Roles and Responsibilities & proposal for future organisation.
Analysis of existing Security Processes, technology architecture and Programs.
Study of Security Awareness across the organization.
Initial run of best fit Information Security Benchmarking Methodology and Process for FBN including handover to internal team.
Development of detailed security strategy and roadmap.
Only IT Processes and related infrastructure are in scope.
Policies and prioritized assets shall be reviewed to identify gaps; the assets shall be prioritized during the initial phases of the assessment.
Requirements
Experience working in security in the Banking domain (mandatory)
Worked on Projects involving security benchmarking (mandatory)
Experience in working in information security risk management, control assessment, and in guiding the client through Control Implementation (mandatory)
Proven skills in handling senior stakeholders of the client organization, e.g. CISO, CIO (mandatory)
Knowledge and awareness of the latest information risk, security and compliance innovations, trends, challenges and solutions
Exposure to industry acclaimed information governance, risk and security standards/frameworks and professional practices (NIST, ISO, COBIT, ITIL, ISSA, etc.)
Knowledge of the typical information risk and security operational practices
Knowledge of information security related solutions, tools and utilities
Bachelor’s degree (four-year college or university) in Business Administration, Computer Science, Information Systems, Engineering or related field, or equivalent combination of education and experience
Certifications:
CISA or CISM (Mandatory)
ISO 27001 Lead Auditor, CISSP, CGEIT, or CRISC certification(s) (Desired)
ITIL Foundations (or higher) certification (Desired)
COBIT Foundations certification (Desired)
Apply via:
www.linkedin.com