Senior Deputy Manager - IT Security - National Development Bank PLC (NDB)

Senior Deputy Manager – IT Security

We are looking for a skilled professional to oversee the Bank’s IT Security. The role involves designing, evaluating, implementing, documenting, and maintaining IT security solutions to safeguard the Bank’s IT infrastructure. The ideal candidate will also be responsible for developing and refining procedures to ensure robust IT security practices across the organization.

The Job:

-Coordinate internal and external audit requests, supporting all audit-related activities. 
-Conduct risk assessments (annual and event-driven) and collaborate with system administrators to design and implement effective mitigation strategies. 
-Define and periodically update IT security job roles to align with organizational needs. 
-Supervise security administrators to ensure adherence to policies, procedures, guidelines, and checklists, while monitoring the evolving threat landscape and implementing mitigation technologies. 
-Plan and manage infrastructure expansions based on stakeholder feedback and organizational requirements. 
-Prepare and oversee the annual IT security budget. 
-Lead and manage the Security Operations Center (SOC), ensuring proactive threat detection, response, and alignment with disaster recovery plans. 
-Optimize existing IT architectures to reduce complexity, improve efficiency, and ensure secure, scalable infrastructure designs.
-Implement and maintain IT security continuity and disaster recovery plans to ensure organizational resilience. 
-Develop and enforce security awareness programs to educate employees on cyber security best practices. 
-Establish and maintain compliance with relevant regulations and industry standards. 
-Lead incident response efforts, including managing breaches, conducting forensic investigations, and preparing post-incident reports. 
-Perform regular penetration testing and vulnerability assessments to identify and address system weaknesses. 
-Provide strategic input on cyber security investments, digital product acquisitions, and technology roadmaps, while advising leadership/Board on emerging threats and cyber security initiatives. 
-Lead and mentor the IT security team, fostering a culture of continuous learning and professional growth.

The Person:

-Possess a Master’s Degree in Information Security and professional qualifications in Information Security such as CISM or CISSP.
-Possess minimum 4 years’ experience in Information Security with experience in above management responsibilities. Also industry experience in network security design, implementation and support of a distributed enterprise class environment.
-Experience in E-Commerce, M-Commerce and payment card security.
-Possess a strong understanding of information security concepts and technologies.
-Possess a sound knowledge of incident management and change management.
-Possess a sound knowledge of compliance and regulatory requirements such PCI, DSS, ISO27001, CBSL Tech risk directive & baseline security standard.
-Possess a good understanding of industry trends, emerging technologies & threats and specific threats targeting financial institutions.