Job Purpose
Cassava Smartech is looking for a Head of Information Systems Security & Governance to join the IS Technical team. The main purpose of the job is to develop and provide strategic direction for Cassava Smartech IS Security and Governance interventions/programs with an aim of minimizing data loss and revenue leakages along the service delivery value chain.

security programs

Duties And Responsibilities

• Develops and ensures that clear strategic short to medium term goals and objectives are cascaded throughout Cassava Smartech.
• Develops and maintains control procedures and processes aimed at preventing revenue loss and fraud.
• Identifies potential revenue assurance problem areas and arranges the required investigations and takes relevant action where necessary
• Collaborates with Business Unit stakeholders to ensure that services offered are relevant, timely, of appropriate quality and cost-effective
• Assesses, evaluates and recommends IT Security and Governance systems with regard to medium to long-term goals of Group.
• Analyses, identifies and projects IT risk requirements.
• Develops and maintains control procedures and processes aimed at preventing revenue loss and fraud
• Identifies potential revenue assurance problem areas and arranges the required investigations and takes relevant action where necessary.
• Builds business IT processes and systems in line with best practice
• Creates and maintains Information Risk Governance Documents
• Creates, manages and reviews on a periodic basis, existing methodologies, frameworks and approaches as they relate to IT risk.
• Drives the development of a risk and control culture in the company through knowledge sharing and creating awareness on the importance of risk management.
• Manages the IRMS/ISMS for the company through ensuring appropriate Information Risk Management approaches are implemented.
• Enables IT assurance and audit activities against an Enterprise-wide relevant framework
• Updates the information security policies and procedures and ensure that they are reviewed monthly/quarterly.
• Performs trend analysis on all the incidents, audit findings, identified risks to provide a complete picture of the risk profile of the areas and highlight trends.

Qualifications And Experience

• A BSc Degree in Information Systems, Computer Science or equivalent
• A post graduate qualification is an added advantage
• CISSP, CISM, CISA, Security+ or comparable Information Security Assurance certification will be an added advantage
• A minimum of 4-6 years’ experience in a similar or related environment working with and managing application