NATIONAL PENSION SCHEME AUTHORITY APPOINTMENT
The National Pension Scheme Authority (NAPSA) wishes to fill the position of Senior Manager – IT Security to be based at Head Office. Interested applicants who meet the required competences are encouraged to apply.
The successful candidate will be expected to have demonstrable competencies relevant to the job and will be offered competitive remuneration package.
1.0 SENIOR MANAGER – IT SECURITY (GRADE NPS 02)
1.1 Main Purpose of Job
The Senior Manager, IT Security is responsible for the development and implementation of the IT Security Strategy and Policies in order to protect the Authority’s data, computer infrastructure and
networks. This will cover, among other areas, Access Control, Firewalls, Intrusion Detection, Vulnerability Scanning, Security Audit, Malware and Spyware Protection, Email Security, Business Applications Security, Enterprise BCP and VPN and general Network Security. This is to ensure the availability of a safe IT platform from which to manage member funds. Additionally, the position coordinates the implementation of the section work plan to ensure the activities of the section are aligned with the section strategy, and that quality standards and timelines are observed.
networks. This will cover, among other areas, Access Control, Firewalls, Intrusion Detection, Vulnerability Scanning, Security Audit, Malware and Spyware Protection, Email Security, Business Applications Security, Enterprise BCP and VPN and general Network Security. This is to ensure the availability of a safe IT platform from which to manage member funds. Additionally, the position coordinates the implementation of the section work plan to ensure the activities of the section are aligned with the section strategy, and that quality standards and timelines are observed.
1.2 Key Responsibilities
a) Develop and oversee the implementation of the IT Security Strategy across the Authority, to ensure the IT platform provides protection of NAPSA information that is critical in the administration of member funds.
b) Implement the Authority’s approved enterprise-wide Business Continuity Plan (BCP) to ensure high availability of business applications and protection of the Authority’s data.
c) Develop and implement work plans to facilitate the implementation of the IT Security Strategy within set timelines and quality standards.
d) Develop and seek funding for the section budget to ensure the availability of resources critical for the implementation of the IT Security Strategy.
e) Develop and implement access control and Bring-Your-OwnDevice (BOYD) policies to ensure the availability of guidelines that dictate the conduct of NAPSA staff in the utilisation of IT facilities for enhanced security.
f) Source and oversee the implementation of Intrusion Detection Systems to provide ease in the identification of security threats into the NAPSA IT systems.
g) Develop a control framework for the prevention of Malware and Spyware for enhanced IT security.
h) Develop and execute a Test Schedule for Intrusion Detection, Vulnerability Scanning and Security Audit in order to prevent disruptions to the NAPSA operations during the exercise.
i) Provide guidance to the development team during the systems development life cycle to ensure system security is ensured.
j) Work with units such as ZICTA, External Audit and Internal Audit to ensure that the Authority’s IT landscape is compliant at all levels of the architecture.
k) Conduct regular enterprise-wide IT Security audits and make remedial actions recommendation on the findings to ensure minimal exposure of the NAPSA information.
l) Develop Security standards to be adhered to by all IT Applications and Infrastructure and provide input to all IT projects on the Security requirements of respective initiatives.
m) Responsible for e-Channel Security (smart phone applications, USSD, e-Payment, e-Collections, Website) as the Authority grows its e-channel presence in supporting the Authority’s strategy of increased interaction options with its members.
b) Implement the Authority’s approved enterprise-wide Business Continuity Plan (BCP) to ensure high availability of business applications and protection of the Authority’s data.
c) Develop and implement work plans to facilitate the implementation of the IT Security Strategy within set timelines and quality standards.
d) Develop and seek funding for the section budget to ensure the availability of resources critical for the implementation of the IT Security Strategy.
e) Develop and implement access control and Bring-Your-OwnDevice (BOYD) policies to ensure the availability of guidelines that dictate the conduct of NAPSA staff in the utilisation of IT facilities for enhanced security.
f) Source and oversee the implementation of Intrusion Detection Systems to provide ease in the identification of security threats into the NAPSA IT systems.
g) Develop a control framework for the prevention of Malware and Spyware for enhanced IT security.
h) Develop and execute a Test Schedule for Intrusion Detection, Vulnerability Scanning and Security Audit in order to prevent disruptions to the NAPSA operations during the exercise.
i) Provide guidance to the development team during the systems development life cycle to ensure system security is ensured.
j) Work with units such as ZICTA, External Audit and Internal Audit to ensure that the Authority’s IT landscape is compliant at all levels of the architecture.
k) Conduct regular enterprise-wide IT Security audits and make remedial actions recommendation on the findings to ensure minimal exposure of the NAPSA information.
l) Develop Security standards to be adhered to by all IT Applications and Infrastructure and provide input to all IT projects on the Security requirements of respective initiatives.
m) Responsible for e-Channel Security (smart phone applications, USSD, e-Payment, e-Collections, Website) as the Authority grows its e-channel presence in supporting the Authority’s strategy of increased interaction options with its members.
2.0 Qualifications and Experience
- Bachelor Degree in Computer Science or equivalent;
- Master’s Degree in a related field is an added advantage;
- Relevant IT certification;
- Not less than seven (7) years of IT generalist experience at a senior management level in an organisation of similar size.
TO APPLY:
Your application letter should be accompanied by a CV and copies of relevant certificates and should also specify your contact address and telephone number(s).
Application letters should be addressed to:
Director Human Resources and Administration
National Pension Scheme Authority
Levy Business Park
Church Road
P.O. Box 51275
LUSAKA
National Pension Scheme Authority
Levy Business Park
Church Road
P.O. Box 51275
LUSAKA
The closing date of receipt of applications is Friday, 8th December, 2017.
Kindly note that only shortlisted applicants will be contacted.
0 Comments