Background information about the job or company (e.g., role context, company overview)

Vision: To be the leading insurance industry regulator. Mission: To effectively regulate, supervise, develop the insurance industry and protect insurance beneficiaries. Core Values: (i)Accountability: -We exercise prudence in use of public resources entrusted to IRA. (ii)Team Spirit: -We work effectively with others across functional lines to a...

Responsibilities or duties

• Coordinating implementation and periodic review of approved cybersecurity policies and standards.
• Coordinating cybersecurity incident management and supervising operational response activities.
• Supervising day-to-day operations of the Insurance Industry Cybersecurity Operations Centre.
• Researching on new and emerging technological and regulatory trends in relation to Cybersecurity management.
• Coordinating gathering and dissemination of technical information on cybersecurity incidents, vulnerabilities, security fixes and other security information, as well as issuing alerts and warnings.
• supervising cybersecurity incident management activities within the insurance industry, including review of response effectiveness.
• Coordinating cybersecurity analysis and forensic investigations.
• Supervising compliance with approved cybersecurity systems and Critical Infrastructure Protection (CIP) requirements by regulated entities.
• Ensuring quality assurance of the Insurance Industry Cybersecurity Operations Centre.
• Reviewing and disseminating of insurance industry cybersecurity posture reports,
• Coordinating cybersecurity advocacy, awareness, and capacity building in the insurance industry,
• Reviewing effectiveness of cybersecurity systems.
• Reviewing backup schedules of cybersecurity monitoring and management systems.
• Liaising with other SOCs, and industry stakeholders on matters of Cybersecurity monitoring and management.
• Reviewing specifications for acquisition of cyber security systems.
• Coordinating implementation of cyber-security systems.
• Coordinating implementation of the Critical Infrastructure Protection (CPI) framework.
• Developing, implementing and reviewing Computer Incident Response (CIR) Manual and Standard Operating Manual.
• Coordinating the development, monitoring implementation and regular review of the insurance industry Cybersecurity Policies.
• Conducting partnerships and collaboration with cyber security stakeholders locally, regionally, and globally.

Qualifications or requirements (e.g., education, skills)

• Bachelor’s degree in any of the following: Electrical Engineering, information technology, information systems security, software engineering, or equivalent qualification from a recognized institution.
• Master’s degree in any of the following: Electrical Engineering, information technology, information systems security, software engineering, or equivalent qualification from a recognized institution.
• Professional qualifications in any of the following:
  • Cisco Certified Network Associate (CCNA);
  • Certified Information Systems Auditor (CISA);
  • Certified Information Security Manager (CISM);
  • Certified Information Systems Security Professional (CISSP);
  • Certified Ethical Hacker (CEH);
  • Any other equivalent qualification from a recognized institution.
• Management Course lasting not less than four (4) weeks from a recognized institution.
• Membership to a relevant professional body where applicable and in good standing.

Competencies and skills

• Communication skills
• Interpersonal skills
• Analytical skills
• Report writing skills
• Presentation skills
• Conflict management skills
• Negotiation skills

Experience needed

Six (6) years cumulative relevant work experience, three (3) years of which should have been at the grade of Senior Cybersecurity Officer or in a comparable and relevant position.

• Coordinating implementation and periodic review of approved cybersecurity policies and standards.
• Coordinating cybersecurity incident management and supervising operational response activities.
• Supervising day-to-day operations of the Insurance Industry Cybersecurity Operations Centre.
• Researching on new and emerging technological and regulatory trends in relation to Cybersecurity management.
• Coordinating gathering and dissemination of technical information on cybersecurity incidents, vulnerabilities, security fixes and other security information, as well as issuing alerts and warnings.
• supervising cybersecurity incident management activities within the insurance industry, including review of response effectiveness.
• Coordinating cybersecurity analysis and forensic investigations.
• Supervising compliance with approved cybersecurity systems and Critical Infrastructure Protection (CIP) requirements by regulated entities.
• Ensuring quality assurance of the Insurance Industry Cybersecurity Operations Centre.
• Reviewing and disseminating of insurance industry cybersecurity posture reports,
• Coordinating cybersecurity advocacy, awareness, and capacity building in the insurance industry,
• Reviewing effectiveness of cybersecurity systems.
• Reviewing backup schedules of cybersecurity monitoring and management systems.
• Liaising with other SOCs, and industry stakeholders on matters of Cybersecurity monitoring and management.
• Reviewing specifications for acquisition of cyber security systems.
• Coordinating implementation of cyber-security systems.
• Coordinating implementation of the Critical Infrastructure Protection (CPI) framework.
• Developing, implementing and reviewing Computer Incident Response (CIR) Manual and Standard Operating Manual.
• Coordinating the development, monitoring implementation and regular review of the insurance industry Cybersecurity Policies.
• Conducting partnerships and collaboration with cyber security stakeholders locally, regionally, and globally.

• Communication skills
• Interpersonal skills
• Analytical skills
• Report writing skills
• Presentation skills
• Conflict management skills
• Negotiation skills

• Bachelor’s degree in any of the following: Electrical Engineering, information technology, information systems security, software engineering, or equivalent qualification from a recognized institution.
• Master’s degree in any of the following: Electrical Engineering, information technology, information systems security, software engineering, or equivalent qualification from a recognized institution.
• Professional qualifications in any of the following:
  • Cisco Certified Network Associate (CCNA);
  • Certified Information Systems Auditor (CISA);
  • Certified Information Security Manager (CISM);
  • Certified Information Systems Security Professional (CISSP);
  • Certified Ethical Hacker (CEH);
  • Any other equivalent qualification from a recognized institution.
• Management Course lasting not less than four (4) weeks from a recognized institution.
• Membership to a relevant professional body where applicable and in good standing.