Information Security Head Job


 Zambia National Commercial Bank Plc (Zanaco) is inviting applications from suitably qualified and experienced individuals for the following position aimed at contributing to the Bank’s strategic vision, in the Risk Division under the Enterprise Risk Management Department at Head Office.

Responsibilities

  • To ensure the protection, integrity, confidentiality and availability of all the Bank’s information assets through the provision of direction and oversight of the Information Security strategy, development, implementation, and administration of information security policies, plans, controls, projects and infrastructure that will protect and defend the Bank’s corporate information and business technology.
  • Under the supervision of the Head Enterprise Risk Management
  • To formulate, in consultation with the Chief Risk Officer and Head of Enterprise Risk, Information Security Risk management strategy, policies, and procedures and submit the same to senior management for consideration and approval; drive the implementation thereof
  • To lead strategic security planning to achieve business goals by prioritizing defense initiatives and coordinating the risk mitigation, evaluation, deployment, and management of current and future security technologies
  • To act as advocate and primary liaison for Zanaco’s security vision via regular written and in-person communications with the various department heads and end users
  • To provide leadership and guidance with respect to the Security objectives and controls for all IT audit and regulatory compliance activities
  • To examine the detail of operations of business units, establishing limits and reviewing them in a regular and timely manner or whenever needed
  • To remain informed on trends and issues in the security industry, including current and emerging technologies and prices; advise, counsel, and educate executive and management teams on their relative importance and financial impact
  • To develop, track, and control the Information Security services annual operating and capital budgets for purchasing, staffing, and operations
  • To undertake the enterprise risk management process of identifying, measuring and monitoring of all operational, information security, fraud and other enterprise risks, ensuring that such risks are tracked at regular intervals accordingly
  • To assess the enterprise risk of new products and services to be introduced, in order to identify and understand the risks inherent in rolling out the products to be introduced
  • Responsible for developing and executing information security risk assessments and incident management plans across the organization to ensure continuity of business operations and supporting technologies
  • To develop and lead an effective, efficient and collaborative Information Security posture and set of processes that ensures a balanced approach to risk management and security investments that are business-focused, well coordinated, and enable balanced business and technology objectives
  • To develop and oversee incident response planning as well as the investigation of security breaches; creatively and independently provide resolution to security problems in a cost-effective manner
  • To participate in project reviews and approve information security architectures associated with each initiative
  • Reporting of key information security performance indicators and continuous improvement planning
  • To establish a market-leading security posture and represent the Bank as an information security expert with external customers and partners as required to deliver upon business objectives
  • To collaborate with business heads and teams to develop long term plans and objectives, incorporating security

Qualifications

  • Five Credits Grade 12 Certificate including Mathematics and English
  • BSc Degree in Computing
  • CEH, CISSP, CCNA, SCP Certificates
  • ISACA Membership
  • ICTSZ Membership
  • Ten years working experience in Security
  • Strong knowledge of IT Systems and Network Operations
  • Familiar with Zambian Laws on Cyber security
  • Familiar with ISO 27001 or 27002, COBIT, ITIL, Electronic Communications Act of 2009
  • Familiar with PCI DSS, EMV card security
  • Highly developed interpersonal and communication skills
  • Networking skills
  • Planning and organizing
  • Optimizing for the accomplishment of tasks
  • Drive results
  • Effective time management
  • Business Acumen
  • Banking Knowledge

How to apply
All applications must have an application or cover letter and detailed curriculum vitae indicating the position being applied for in the subject line and should be sent by email to
The Chief Human Resource & Training Officer
Human Resources And Training Division
Zambia National Commercial Bank Plc,
Head Office,
PO Box 33611,
Lusaka.

For more information

CALL
+260 211 228979, +260 211 221380, +260 211 221404