Information Security Manager Job at Twiga Foods… See details on how to apply for the opportunities available at Twiga Foods.
Descriptions;
Twiga is a mobile-based supply platform for Africa’s retail outlets, kiosks, and markets stalls.
RESPONSIBILITIES:
- Creating and managing security strategies
- Develop and publish Information Security and data privacy policies and processes that encourage secure working and protect data.
- Lead implementation of information security policies/processes across the Twiga digital/cloud environment in collaboration with stakeholders from tech and various departments.
- Actively liaise with the development team to ensure a secure architecture.
- Actively liaise with third-party vendors to ensure all initiatives are successfully delivered as per mandate.
- Plan and manage information security budget.
Risk Management
- Oversee regular information risk identification, assessment and mitigation activities with business and technology teams
- Investigate and analyse existing cloud structures and create new and enhanced security methods that will enhance the security of
- cloud-based environments.
- Responsible for identifying, defining and implementing appropriate security controls for our cloud applications and systems.
- Assess current technology architecture for vulnerabilities, weaknesses and for upgrades and/or improvement.
Security Incident Management
- Monitor security incidents on Technology services and systems.
- Track security resolution incidents and anomalies.
- Lead incident response for minor/major/critical incidents in collaboration with relevant stakeholders.
Security Training & Awareness
- Provide information security awareness training to organization personnel.
- Communicate information security goals and new programs effectively with other department managers within the organization
- Serve as a focal point of contact for the information security team within the organization and externally to vendors.
Budget Development and monitoring
- Developing and reviewing the budget and costs under cyber security scope of work & identify areas for cost savings.
- Reviewing vendor implementation contracts to ensure Twiga gets value for money.
Disaster Recovery
- Manage and configure physical/cloud security, disaster recovery and data backup systems.
- Develop a BCP guideline to ensure information security standards are maintained.
Team-management
- Model Twiga’s culture and way of working
- Drive the achievement of the performance objectives set for the team. Hold monthly 1-on-1 performance reviews with reports, and follow up corrective action where performance falls below expectation.
- Proactively manage own and team learning and development
- Ensure team adheres to the agreed annual leave plan
- Ensure team adheres to people management policies
Compliance
- Comply with all organization policies, procedures, and statutory guidelines. Minimize and mitigate risks to the organization and enforce zero-tolerance to non-compliance.
- Close gaps/lapses identified as an outcome of audits; risk and/or any other compliance review; investigations; or other assessment mechanisms and take corrective/preventive actions within the agreed timelines.
Minimum Qualifications & Requirements:
- Bachelor’s degree in computer science or Computer Engineering or relevant education.
- Relevant industry certifications (e.g., CEH, CISSP, CISA, ITIL) are an added advantage.
- 7 years relevant experience
- Information security risk management
- Implementation of cloud-based information security controls
- Training and awareness on information security
- Vulnerability management
- Must be well versed in Active Directory, VPN systems, encryption schemas and algorithms, various authorization and authentication mechanisms/software, network monitoring and sniffing, TCP/IP networks and vulnerability and threat management tools (including network-based scanners).
- Must be versed in GCP suite and how to secure it
- Thorough understanding of cryptographic primitives and their underlying principles.
- Thorough understanding of networking protocols, such as TCP/IP.