Office of Human Resources

Information Security

Job Title:  Director Information Security

Key Job Responsibilities:

  • Establish and maintain a framework to provide assurance that information security strategies are aligned with business objectives and consistent with applicable laws and regulations.
  • Develop systematic, analytical and continuous risk management process.
  • Manages the performance, availability and reliability of all Information Security resources
  • Responsible for risk assessments and monitoring security trends and legislations
  • Design, elaborate and implement processes for detecting, identifying and analysing security related events.
  • Oversee the development and implementation of hardening procedures for organizations Application and Database servers, workstations and Network infrastructure.
  • Oversee regulatory compliance, establish and implement cyber security-related policies
  • Establish and oversee the organization's security architecture
  • Establish, operate and maintain an internal Information Security Audit program comprising of periodic IT Audits, Vulnerability Assessments and penetration testing to verify resilience of  UMT’s IT Infrastructure
  • Conduct Technical meetings and working groups to address issues relating to information security.
  • Oversee UMT’s staff information security awareness and training program
  • Work with UMT’s CS department to develop Computer emergency response team (CERT) for incident response
  • Manage relationships with relevant stakeholders including 3rd parties for evaluation of Third party risk related to security and privacy in outsourced operations.
  • Provide technical leadership, guidance and oversight for establishing, operating and maintaining Information Security program commensurate to organizations information Security requirements and international Standards like ISO 27001, NIST and SOX.

Job Specification:

  • Information security certification such as a CISSP, CISM, CEH or GIAC
  • Experience overseeing an ISO 27001 certification program, with certification as an ISO 27001 Lead Implementer or Auditor preferred
  • Significant knowledge of cyber threat actors and there attack methodologies are required.
  • Significant knowledge of information security technologies, networking and network architecture required.
  • Good technical knowledge and experience across multiple platforms and technologies: Windows, Unix, Linux, networking, applications concepts, databases; wide area networks; computer operations, Intranet/Internet, LAN/WAN Connectivity with good knowledge of firewalls, switches and routers.


  • Master's Degree in Information Security, Information Assurance, IT or relevant Computer science field.


  • 15+ years of experience in information security positions, with 10+ years’ experience in a role overseeing an information security program.


  • Interpersonal
  • Communication
  • Analytical
  • Technical
  • People Management

© Copyright UMT, 2015. All Rights reserved.

Website Credits: OCM-UMT Back to Top
Register Interest