Job Listing: Information Security Manager & Data Protection Officer

Job Title: Information Security Manager & Data Protection Officer (1 Position)

Job Grade: D5

Reports To: Chief Risk Officer

Department: Enterprise Risk Management

Duty Station: Headquarters

Job Purpose: Ensure the integrity and confidentiality of the Fund’s data, safeguarding members’ interests, and protecting the Fund’s image.

Duties and Responsibilities:

1. Develop and implement the Fund’s information security risk strategy to safeguard the IT infrastructure, systems, and protect the Fund’s data.
2. Establish and maintain information security policies, processes, procedures, and system security baselines.
3. Monitor the Fund’s IT architecture, advising management on emerging cyber threats affecting information assets and operations.
4. Promote and conduct security awareness through a training program across the Fund.
5. Conduct periodic IT risk assessments, penetration tests, and vulnerability assessments, advising on remediation measures.
6. Assess and test new technologies to enhance the Fund’s information security infrastructure.
7. Coordinate disaster recovery tests ensuring swift return to normal operations in case of a disaster.
8. Investigate information security incidents, produce reports with recommendations, and ensure remedial action is taken.
9. Develop, implement, and maintain policies ensuring compliance with Data Protection and Privacy Act (DPPA) and regulations.
10. Train staff on data privacy responsibilities.
11. Act as a contact point for the Data Protection Office and data subjects regarding personal data processing and rights exercise.
12. Conduct data protection compliance audits and provide updates on Fund’s compliance.
13. Monitor Fund’s compliance with Data Protection and Privacy Act (DPPA) and other applicable data protection legislation.

Education Requirements:

• Bachelor’s degree in Information Technology, Information Systems, or Computer Science, or a related field.
• Professional qualifications CISSP or CRISC or CISM.

Related Job Experience:

• 7 years experience in information security management, with 3 years at the managerial level.

How to Apply: Interested individuals should click here to fill out the application form and send copies of their application letter, curriculum vitae, and academic qualifications to recruitment@nssfug.org by Monday, 18th March 2024.

Women are encouraged to apply. Please note that canvassing or lobbying will lead to automatic disqualification, and providing minimal information may lead to the disposition of your candidature due to insufficient information provided.