Serena Hotels is seeking to fill the position of Information Security Officer.
Under the direction of Group IT Manager, the Information Security Officer is overall responsible for IT security, driving the IT security strategy and implementation forward whilst protecting the business from security threats and cyberattacks. The Information Security Officer will assist the IT Team comply with the company’s IT Policy, Procedures and standards. This role is group-wide and will commonly involve working with the Hotel IT Managers, Systems Administrator, Consultants and Auditors.
The incumbent will be responsible for the following key result areas:
Roles
- Formulate and implement IT security strategy, oversee IT security projects.
- IT security advisory and guidance role, tracking latest IT security innovations and keeping abreast of latest cybersecurity technologies.
- Performing formal IT security audits and risk assessments with a view to minimizing risk and exposure.
- Follow-up implementation of all IT audit recommendations.
- Ensure disaster recovery and business continuity plans are up-to-date.
- Perform vulnerability assessments and penetration tests (VAPT) and secure all loopholes.
- Administer IT security solutions on daily basis including secured email gateway, endpoints, firewalls, patch management.
- IT security incident management.
- Update and enforcement of the IT security policies, procedures and standards.
- Develop and deliver IT security training/awareness programmes.
- Guide on securing Serena’s e-commerce platforms.
- Assist in complying with all data protection regulations.
Knowledge, Skills & Experience Required
- A Bachelor’s degree in Computer Science or closely related discipline.
- Completed CISM or CISSP Certification.
- Minimum of 3-5 years’ experience in a similar position is essential.
- Hands-on experience at configuring IT security solutions – firewalls, endpoint, mail gateway.
- Conducted several comprehensive IT risk assessments and VAPT.
- Excellent verbal, written and interpersonal skills.
- Proven leadership skills.
- Self-motivated and a good team player.
- Knowledge of information security management best practices such as ISO 27001,
- Experience at writing effective security policies and procedures.
The remuneration package for the position will be commensurate with the candidate’s qualification and experience.
If you believe that you have the required qualifications and experience, please apply in confidence by 15th July 2023, enclosing a detailed CV, names and addresses of three referees, your current salary and your telephone contact to [email protected].
