Share this Job
Apply now »

IT Security Manager

Campus IT Services
Job Description
  • Work with Head of Department (HOD), IT to formulate and implement Information Security Risk Policy, standards, best practices for effective IT security, risk and compliance controls across the University;
  • Perform regular reviews of the governance framework policies and procedures to ensure that they are updated to the changing University’s needs;
  • Conduct in-house security audits, reviews, scans, code reviews and compliance checks to assess systems, infrastructure, services and processes for security and compliance with security policies, standards and procedures;
  • Work with internal and external auditors in planning and conducting security audits, reviews, scans and tests;
  • Respond timely to security incidents and conduct investigation and recommend the appropriate follow up actions including containment, recovery and preventive actions;
  • Perform audit log reviews and assessments to detect security breaches and anomalies;
  • Keep abreast of the latest industry security practices and technologies as well as emerging threats and vulnerabilities, and recommend appropriate controls for implementation to improve the University security posture;
  • Oversee and guide IT Security Executive in performing his duties;
  • Promote, train and create staff awareness of IT security and data protection policies and practices;
Job Requirements
  • Degree in Computer Science, Computer or Information Technology
  • Mnimum 5 Years of relevant working experience
  • Good knowledge of information security principles and technologies, governance and compliance
  • Experience in implementing security audits, controls and mitigating measures for Internet/enterprise IT infrastructure and applications (preferably with CISA qualification or equivalent);
  • Experience in implementing security solutions for Internet/enterprise IT infrastructure (preferably with CISSP and CEH qualification or Equivalent);
  • Experience in implementation, operations, administration and maintenance of various enterprise security solutions, including endpoint security, monitoring and analytics tools, firewall and Intrusion Prevention System (IPS);
  • Experience in incident handling /response, reporting to and collaborating with higher echelon Computer Emergency Response Team (CERT) teams;
  • Knowledge of Domain Name System, DNSSEC, BIND, UNIX/Solaris, ORACLE DB and JAVA would be an added advantage;
Apply now »