Officer, IT Security and Governance job at Tropical Bank | Apply Now

Security Policy Implementation:

• Develop and enforce IT security policies and procedures.

• Monitor compliance with security policies and regulations.

• Conduct regular security audits and risk assessments.

• Manage and respond to security incidents and breaches.

• Stay updated with the latest security trends and threats.

Risk Management:

• Identify and assess IT security risks.

• Develop risk mitigation strategies.

• Implement security controls to protect sensitive information.

• Monitor and report on security risks and vulnerabilities.

• Conduct regular vulnerability assessments and penetration tests.

Compliance and Governance:

• Ensure compliance with regulatory requirements and standards.

• Maintain documentation of security policies and procedures.

• Conduct regular reviews and updates of security policies.

• Provide training and awareness programs on IT security.

• Liaise with auditors and regulatory bodies on security matters.

Incident Management:

• Develop and maintain incident response plans.

• Coordinate and manage security incident investigations.

• Analyze and report on security incidents and breaches.

• Implement corrective actions to prevent future incidents.

• Maintain a security incident log and reporting system.

Collaboration and Communication:

• Work with IT and other departments to ensure security policies are understood and followed.

• Provide guidance and support on security-related issues.

• Communicate security risks and incidents to management.

• Foster a culture of security awareness within the organization.

• Participate in security forums and industry groups.

Key Performance Indicators (KPIs):

Financials:

• Reduction in costs associated with security breaches and incidents.

• Cost-effectiveness of implemented security measures. 3. Budget adherence for security projects and initiatives.

• Return on investment (ROI) for security investments.

• Financial impact analysis of potential security risks.

Customer:

• Customer satisfaction with security measures in place.

• Number of customer complaints related to IT security.

• Response time to customer security inquiries and issues.

• Customer data breach incidents and their resolution time.

• Customer trust and confidence in the bank’s security posture.

Processes:

• Compliance rate with internal security policies and procedures.

• Number of completed security audits and assessments.

• Incident response time and resolution rate.

• Frequency and effectiveness of security training programs.

• Implementation and maintenance of security controls and measures.

People:

• Staff awareness and adherence to security policies.

• Employee participation in security training and awareness programs.

• Reduction in human-related security incidents and breaches.

• Employee feedback on security governance and policies.