2023-11-15

Senior Information Security Officer – Mogadishu, Somalia

Mogadishu, Somalia
Posted on November 15, 2023

Central Bank Of Somalia

Senior Information Security Officer – Mogadishu, Somalia

CENTRAL BANK OF SOMALIA

Job Description

Post Title: Senior Information Security Officer

Duty Station: Mogadishu

Expected starting date: 2023

Employment Type: Permanent

Appointment Period: Full-time

Reports to: Head of Information Technology (IT)

Supervises: None

About the Central Bank of Somalia (CBS)

The Central Bank of Somalia was established in 1968 as the country’s financial regulatory institution. After years of insecurity, fragility, and economic decline due to the collapse of the state in 1991, The Central Bank was revived and strengthened with the CBS Act of 2011. The Act laid a new foundation to regulate and boost the country’s finance sector and facilitate economic growth.

Our Vision:

The CBS vision is to contribute to the prosperity of the people of Somalia, through maintaining economic & price stability, and financial system stability to support sustainable growth through policy stimulus & advice. In doing so, the Bank would act with the highest degree of integrity & professionalism.

Our Mission:

The mission of CBS is to fulfill its core objectives of maintaining price stability; and building a robust, stable, up-to-date, and sound financial system. This would enable CBS to increase the provision of financial services with a wider choice of services geared to all levels of society which is essential for sustainable growth & the alleviation of poverty.

Our Institutional Values:

Commitment to serving the public interest. Institutional services and orientation.

Ethics and integrity.

Transparency and leadership by example.

Teamwork, equity, fairness, and confidentiality.

1- Role

The IT division of the central bank is a critical component of the organization that is responsible for ensuring the smooth and efficient functioning of the bank’s information technology systems. The division is responsible for the implementation, maintenance, and management of the bank’s technology infrastructure and for providing technology support to all areas of the bank. The primary responsibilities of the IT division include the development, implementation, and maintenance of the bank’s computer systems, networks, and software applications. This includes the implementation of hardware and software upgrades, the management of software licenses, and the maintenance of hardware and software security. The IT division also plays a critical role in ensuring the security and protection of the bank’s information technology systems. Overall, the IT division of the central bank plays a critical role in the bank’s operations, providing essential technological support to all areas of the organization and ensuring the security and protection of its information technology systems.

The Central Bank of Somalia is looking for a highly skilled and experienced Senior Information Security Officer to help protect its vital financial infrastructure. The ideal candidate will have a proven track record of success in developing and implementing information security programs, as well as a deep understanding of the latest threats and vulnerabilities. Providing technical guidance to ensure the smooth operation of the systems. with knowledge, to help ensure that our vital financial infrastructure runs smoothly. Strong analytical skills, strict attention to detail, and a thorough understanding of Cyber Security. This position requires a strong aptitude for complex problem-solving, meticulous attention to detail, and a profound understanding of Cyber security principles.

2- General Description

The Senior Information Security Officer is responsible for developing, implementing, and managing a comprehensive information security program for the Central Bank of Somalia. These included but not limited to:

Assessing and identifying security risks and vulnerabilities Implementing and maintaining security controls and policies Monitoring and responding to security incidents.

Keeping up to date with the latest security trends and threats Providing security awareness training to staff

3- Duties and Responsibilities

Information Security Strategy: implement the information security strategy and policies aligned with industry best practices and regulatory requirements.
Cybersecurity Management: Lead efforts to protect the Bank’s digital infrastructure by monitoring, detecting, and mitigating security threats and vulnerabilities.
SWIFT Network Security: Ensure the security of SWIFT transactions, conduct regular audits, and implement controls to prevent fraudulent activities.
National Payment System Security: Oversee the security of the national payment systems, including real-time gross settlement (RTGS) and automated clearing house (ACH) systems.
Security Compliance: Ensure compliance with relevant cybersecurity regulations and standards, such as ISO 27001, NIST, and any specific banking industry requirements.
Incident Response: investigate and report suspicious activities and intrusions.
Security Awareness: Promote a culture of security awareness within the organization through training and education programs.
Advise: Study information security best practices and advise head of IT.
Security Audits and Assessments: Conduct regular security and risk assessments, and penetration testing to identify vulnerabilities and recommend remediation measures.
Vendor Management: Assess and monitor the security practices of third-party vendors and partners to ensure the security of outsourced services.
Support: Support IT staff to implement and apply security procedures.
Security Documentation: Maintain and update security documentation, including policies, procedures, and incident reports.
Security Reporting: Prepare and present regular reports on the state of cybersecurity.
DR and Business Continuity plan: Regularly check on the DR and BCP.
Other job-related duties as assigned by your immediate supervisor.

Education:

Bachelor’s degree in computer science, Information Security, or a related field. Master’s degree preferred.
Certified Ethical Hacker (CEH)
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certified Cloud Security Professional (CCSP)

Experience:

Proven experience in IT security management, with at least 5 years of relevant work experience in the financial sector.
Strong knowledge of SWIFT security protocols and practices.
Familiarity with international and national cybersecurity regulations and standards.
Excellent communication.
Ability to work collaboratively with cross-functional teams.
Experience with cloud security
Experience with incident response and disaster recovery
Experience with managing and developing a security team
Experience with public speaking and training
Experience with security information and event management (SIEM) systems
Experience with security orchestration, automation, and response (SOAR) platforms

Language:

Operationally fluent in both Somali and English.

Computer Skills:

Proficiency in operating systems such as Windows, Linux, and macOS
Knowledge of programming languages such as Python, Java, and C/C++
Experience with networking technologies and protocols
Experience with security tools and technologies such as firewalls, intrusion detection systems, and encryption
Experience with cloud computing platforms such as AWS, Azure, and GCP
Security tools such as Nmap, Wireshark, and Nessus
Network security technologies such as firewalls, VPNs, and intrusion detection systems
Application security tools such as Burp Suite and OWASP ZAP
Vulnerability management tools such as Nessus and Nexpose

5- Functional and Organizational Skills

Strong troubleshooting skills.

Excellent communication and collaboration skills. Ability to work independently and as part of a team.

Strong analytical and problem-solving abilities with the capability to identify and resolve complex database issues.

Excellent organizational skills and ability to prioritize tasks effectively in a fast-paced environment.

Strong attention to detail and commitment to delivering high-quality work.

Ability to work collaboratively in a cross-functional team and communicate effectively with technical and non-technical stakeholders.

Strong leadership skills to guide and mentor junior team members.

Sound decision-making abilities and the capacity to work under pressure.

6- Expected Deliverables

Security policies and procedures: The Senior Information Security Officer is responsible for developing and maintaining the organization’s security policies and procedures.

Security risk assessments: The Senior Information Security Officer is responsible for conducting regular security risk assessments to identify and assess the security risks facing the organization. These risk assessments should be used to develop and implement security controls to mitigate the risks.

Security incident response: The Senior Information Security Officer is responsible for developing and implementing a security incident response plan.

Security awareness and training: The Senior Information Security Officer is responsible for developing and delivering security awareness and training to employees.

How to apply

Qualified national applicants with required skills are invited to submit their electronic applications and updated resumes through email; recruitment@centralbank.gov.so and copy to ismail.abdi@centralbank.gov.so and it@centralbank.gov.so not later than 27th November 2023 midnight Mogadishu time. Incomplete Applications and those received after the deadline will not be considered.

The Subject line for the applicant’s email should be Application for Senior Information security officer

If you meet the forementioned qualifications, skills, experience, and criteria, we strongly encourage you to apply this position submit your application to contribute to the growth and success of the Central Bank of Somalia.

***Please note Only shortlisted candidates will be contacted.

………………………………………………………………………………………