Information Security Manager Job at Twiga Foods

• Creating and managing security strategies
• Develop and publish Information Security and data privacy policies and processes that encourage secure working and protect data.
• Lead implementation of information security policies/processes across the Twiga digital/cloud environment in collaboration with stakeholders from tech and various departments.
• Actively liaise with the development team to ensure a secure architecture.
• Actively liaise with third-party vendors to ensure all initiatives are successfully delivered as per mandate.
• Plan and manage information security budget.

Risk Management

• Oversee regular information risk identification, assessment and mitigation activities with business and technology teams
• Investigate and analyse existing cloud structures and create new and enhanced security methods that will enhance the security of
• cloud-based environments.
• Responsible for identifying, defining and implementing appropriate security controls for our cloud applications and systems.
• Assess current technology architecture for vulnerabilities, weaknesses and for upgrades and/or improvement.

Security Incident Management

• Monitor security incidents on Technology services and systems.
• Track security resolution incidents and anomalies.
• Lead incident response for minor/major/critical incidents in collaboration with relevant stakeholders.

Security Training & Awareness

• Provide information security awareness training to organization personnel.
• Communicate information security goals and new programs effectively with other department managers within the organization
• Serve as a focal point of contact for the information security team within the organization and externally to vendors.

Budget Development and monitoring

• Developing and reviewing the budget and costs under cyber security scope of work & identify areas for cost savings.
• Reviewing vendor implementation contracts to ensure Twiga gets value for money.

Disaster Recovery

• Manage and configure physical/cloud security, disaster recovery and data backup systems.
• Develop a BCP guideline to ensure information security standards are maintained.

Team-management

• Model Twiga’s culture and way of working
• Drive the achievement of the performance objectives set for the team. Hold monthly 1-on-1 performance reviews with reports, and follow up corrective action where performance falls below expectation.
• Proactively manage own and team learning and development
• Ensure team adheres to the agreed annual leave plan
• Ensure team adheres to people management policies

Compliance

• Comply with all organization policies, procedures, and statutory guidelines. Minimize and mitigate risks to the organization and enforce zero-tolerance to non-compliance.
• Close gaps/lapses identified as an outcome of audits; risk and/or any other compliance review; investigations; or other assessment mechanisms and take corrective/preventive actions within the agreed timelines.

Minimum Qualifications & Requirements:

• Bachelor’s degree in computer science or Computer Engineering or relevant education.
• Relevant industry certifications (e.g., CEH, CISSP, CISA, ITIL) are an added advantage.
• 7 years relevant experience
• Information security risk management
• Implementation of cloud-based information security controls
• Training and awareness on information security
• Vulnerability management
• Must be well versed in Active Directory, VPN systems, encryption schemas and algorithms, various authorization and authentication mechanisms/software, network monitoring and sniffing, TCP/IP networks and vulnerability and threat management tools (including network-based scanners).
• Must be versed in GCP suite and how to secure it
• Thorough understanding of cryptographic primitives and their underlying principles.
• Thorough understanding of networking protocols, such as TCP/IP.