INFORMATION SECURITY COMPLIANCE OFFICER

Commercial International Bank

*

1. Recommend changes to policies and procedures based on changes to regulations, standards or best practices ensuring that any security mandates are adequately implemented and reported such as ISO, PCI, SWIFT, CBE regulations, and other applicable standards.
2. Recommend and coordinate with the Security Operations Center for the security compliance monitoring requirements as needed such as File Integrity Monitoring, Database Activity Monitoring and others.
3. Ensure maintenance of all needed documentation supporting security compliance requirements, and audit issues for ongoing tracking and documentation.
4. Participate in Secure Development and Acquisition life cycle process to assess and identify areas of concern from security compliance perspective in line with regulations, standards and best practices.
5. Collaborate efforts with the Information Security Analysis Team to provide input to the security risk assessments and risk register, which will ensure all security compliance requirements are being considered and catered for.
6. Review and ensure the semi-annual firewall reviews are conducted to ensure compliance with PCI, Swift standards and the developed security policies.
7. Develop the necessary compliance use cases to support the different security controls and compliance requirements and communicate violations to the relevant teams.
8. Ensure the standard operating procedures (SOP) are maintained for the different compliance processes and ensure proper adherence to the set SLA.
9. Maintain annual compliance with the Information Security Management System - ISO 27001 standard on the certified scope.
10. Liaise with the different IT Teams to develop standard configuration and baselines for IT Infrastructure and Platforms aligned with industry best practices and standards.
11. Conduct periodic reviews against the approved baselines and ensure closure of all identified gaps.