Information Security Manager
To plan, organize, coordinate and manage the Corporation's IT Security and operations to secure corporate applications, data, computers and networks. The role is also responsible for designing, implementing and administering IT security policies, technologies, solutions and processes.
Organization - The job holder works for a large organization with considerable Information Security Processes.
Role - With regard to information security planning, the job holder plays a crucial role.
Impact - The job holder manages Information Security Section that has a direct impact on business results.
Client & Customer Management (Internal)
Helps management manage internal client and customer relationships by using client systems and protocols.
Meets changing requirements by developing new testing approaches and strategy for a defined range of products and/or operations.
Identifies and evaluates complex expertise-led solutions against a range of criteria to find the ones that best meet business needs.
Policy Development & Implementation
Develops procedures for area of expertise with guidance from management, then monitors implementation of those procedures within the organization.
Builds own capabilities and develops the capabilities of direct reports by working within existing development framework; provides specialized training or coaching in area of expertise to others throughout the organization.
Leadership and Direction
Delivers outcomes by managing others and working within established systems.
Identifies shortcomings, suggests improvements and implements approved revisions to current compliance processes, systems and procedures within assigned unit and/or discipline.
Improvement / Innovation
Initiates, formulates and implements new business practices for own discipline, while managing the development and/or delivery of a significant element of the organization's change management program.
Delivers specified outcomes and/or provides support services within a designated area of audit control by working within established systems.
Delivers prescribed outcomes by working as directed within established data management systems and procedures.
Safety, Health and Environment
Delivers own prescribed outcomes and/or provides support services by using the organization's safety, health and environment systems and protocols.
Takes responsibility for implement a team's performance management systems with guidance from management.
Budgeting & Control
Develops and/or delivers budget plans for own area.
Manages and delivers required outcomes for a portfolio of contracts and negotiates service level agreements while planning, coordinating and supervising activities related to major contracts.
Manages and delivers required outcomes for a portfolio of projects while reporting to senior colleagues.
Develops and/or delivers elements of a strategic planning system with guidance from senior colleagues.
- A recognized University Degree in Computer Engineering, Computer Science, Information Technology or Equivalent.
- Industry related certification and professional membership e.g. CISSP, CISM will be an added advantage.
Behavioural Competencies (Skills)
Takes an active interest in other people. Seeks to understand their individual perspectives and concerns and accurately hears the unspoken or partly expressed thoughts, feelings and concerns of others. Specifically, actively listens; for example, repeating what was heard to check understanding, particularly in difficult conversations.
Organizational Systems Thinking
Considers and addresses the organization as a set of interacting systems so as to structure and align organizational ways of working to the strategy or organizational purpose. This is about changing structure, systems, processes (the 'plumbing' of the organization) - it is not the interpersonal aspects of leading change. Specifically, identifies areas for change; for example, diagnosing misalignment between the organizational structure or model and the desired outcomes.
Focuses on the long-term business strategy and aligns their thinking and planning accordingly. Specifically, clarifies and refines the strategy; for example, translating the overall strategy into actionable local changes or innovations.
Thinks through issues by seeing the pattern or big picture, brings facts and ideas together, and develops innovative or creative insights. Specifically, cuts through complexity; for example, explaining complex situations or data in a way that is easy for others to understand.
A desire to know more and seek information to inform decisions. Specifically, seeks broad content; for example, keeping up with trends and cutting edge practice from beyond their own context.
Has an understanding of the business context in which they are operating that informs planning and decision making. Specifically, understands and acts on market trends; for example, is aware of emerging competitors or context risks and takes action.
Builds capability of others by teaching, coaching and/or mentoring them to do an excellent job for the long-term. Specifically, provides constructive feedback; for example, encouraging others to assess how things have gone, and learn from their experiences.
Acts proactively to avoid problems or identifies and takes advantage of opportunities. Specifically, takes action for long-term gain; for example, acting now to take advantage of opportunities that will pay off in the long-term.
Identifies and meets the needs of internal and external customers, being continually focused on outcomes for customers. Specifically, improves service; for example, asking for customers feedback and takes action for improvement.
Approach to Thinking
Thinks through situations of varying degrees of complexity and ambiguity, in order to understand them clearly. Specifically, sees multiple relationships; for example, identifying several likely causes or consequences of a situation.
Builds a high performing team by ensuring that the team is focused, motivated and inspired to achieve team objectives. Specifically, sets team direction; for example, communicating and sustaining a clear sense of purpose for the team.
Responds to differences and changes in the internal or external context, taking a flexible approach to reach business outcomes. Specifically, tries new ways to do things; for example, coming up with alternative methods or ways of working.
Drive for Results
Focuses on assessing, measuring and improving performance. Shows drive and determination to meet short- and long-term goals. Specifically, strives to meet challenging goals; for example, setting ambitious, but realistic goals for performance improvement (for self and/or own team).
Attention to Detail
Manages, tracks and attends to multiple pieces of information, bringing order and clarity. Specifically, monitors data or projects; for example, monitoring progress of against milestones or deadlines.
Win the hearts and minds of others across boundary collaborations and to do the right thing, regardless of formal authority. Specifically, facilitates short-term teaming; for example, pulling together individuals to team around a problem, crisis, or opportunity.
Technical Competencies (Skills)
Applies comprehensive knowledge and skills to work independently while providing guidance and training to others on acquiring, organizing, protecting and processing data to fulfill business objectives.
Uses comprehensive knowledge and skills to act independently while guiding and training others on achieving full compliance with applicable rules and regulations in management and/or operations.
Works without supervision while providing technical guidance when required on managing projects and/or programs within desired cost, time and quality parameters.
Uses comprehensive knowledge and skills to act independently while guiding and training others on selecting, deploying and getting the best results from the most appropriate office system.
Works without supervision and provides technical guidance when required on monitoring, diagnosing and fixing technological problems.
Uses comprehensive knowledge and skills to act independently while guiding and training others on configuring, operating and managing IT hardware.
Works without supervision and provides technical guidance when required on monitoring and managing the provision of contracted services.
Business Requirements Analysis
Uses comprehensive knowledge and skills to act independently while guiding and training others on analyzing the business requirements that IT solutions must meet.
Health and Safety
Manages and applies safe systems of work without supervision and provides technical guidance when required.
Policy and procedures
Uses comprehensive knowledge and skills to work independently while providing guidance and training to others on developing, monitoring, interpreting and understanding policies and procedures, while making sure they match organizational strategies and objectives.
Uses comprehensive knowledge and/or skills to act independently while providing guidance and training to others on identifying, assessing, prioritizing and managing risks.
Policy and Regulation
Works without supervision and provides technical guidance when required on interpreting and applying knowledge of applicable laws, regulations and policies in area of expertise.
Costing and Budgeting
Uses comprehensive knowledge and skills to work independently on costing, budgeting and finance tasks while providing guidance and training to others.
Data Collection and analysis
Works independently and provides guidance and training to others on analyzing data trends for use in reports to help guide decision making.
Planning and Organizing
Uses comprehensive knowledge and skills to work independently while providing guidance and training to others on planning, organizing, prioritizing and overseeing activities to efficiently meet business objectives.
A minimum of 6 years post qualification experience related to IT security including risk management, disaster recovery, IT security awareness/training 3 of which should have been at supervisory level.
At least 3 years at supervisory level.
If you qualify for the above post, visit https://www.bpc.bw/careers/Pages/Information-Security-Manager.aspx to apply.