Background information about the job or company (e.g., role context, company overview),

Vision: To be the leading insurance industry regulator. Mission: To effectively regulate, supervise, develop the insurance industry and protect insurance beneficiaries. Core Values: (i)Accountability: -We exercise prudence in use of public resources entrusted to IRA. (ii)Team Spirit: -We work effectively with others across functional lines to a...

Responsibilities or duties,

Job Specifications

Duties and responsibilities at this level will entail:

• Supervising implementation, compliance monitoring, and quality assurance of approved cybersecurity policies, strategies, and standards for the insurance industry.
• Coordinating research and analysis on cybersecurity, related technologies and advising on new trends.
• Supervising gathering and dissemination of technical information on cyber security incidents, vulnerabilities, security fixes and other security information, as well as issuing alerts and warnings.
• Coordinating and supervising cybersecurity incident management activities within the insurance industry, including review of response effectiveness.
• Supervising cybersecurity analysis and forensic investigations.
• Supervising compliance with approved cybersecurity systems and Critical Infrastructure Protection (CIP) requirements by regulated entities.
• Providing supervisory oversight and quality assurance of the Insurance Industry Cybersecurity Operations Centre (SOC).
• Reviewing and disseminating of insurance industry Cybersecurity posture reports.
• Coordinating cybersecurity advocacy, awareness, and capacity building in the insurance industry.
• Reviewing effectiveness of cybersecurity systems.
• Reviewing backup schedules of cybersecurity monitoring and management systems.
• Liaising with other SOCs, and industry stakeholders on matters of Cybersecurity monitoring and management.
• Reviewing specifications for acquisition of cybersecurity systems.
• Supervising implementation of cybersecurity systems.
• Supervising development, implementation and review of Computer Incident Response (CIR) Manual and Standard Operating Manual.
• Supervising development, monitoring and implementation of the insurance industry Cybersecurity Policies.
• Supporting coordination and implementation of approved partnerships and collaborative initiatives with cybersecurity stakeholders.

Qualifications or requirements (e.g., education, skills),

Person Specifications

For appointment to this grade, an officer must have: -

• Nine (9) years cumulative relevant work experience, three (3) years of which should have been at a level of Principal Cybersecurity Officer or in a comparable and relevant position.
• Bachelor’s degree in any of the following: Electrical Engineering, information technology, information systems security, software engineering, or equivalent qualification from a recognized institution.
• Master’s degree in any of the following: Electrical Engineering, information technology, information systems security, software engineering, or equivalent qualification from a recognized institution.
• Leadership Course lasting not less than four (4) weeks from a recognized institution.
• Certificate in at least two (2) of the following:
  • Cisco Certified Network Associate (CCNA);
  • Certified Information Systems Auditor (CISA);
  • Certified Information Security Manager (CISM);
  • Certified Information Systems Security Professional (CISSP);
  • Certified Ethical Hacker (CEH);
  • Any other equivalent qualification from a recognized institution.
• Membership to a relevant professional body where applicable and in good standing.

Competencies and skills

• Communication skills
• Interpersonal skills
• Analytical skills
• Report writing skills
• Presentation skills
• Conflict management skills
• Negotiation skills
• Leadership skills
• Mentorship and coaching skills

• Supervising implementation, compliance monitoring, and quality assurance of approved cybersecurity policies, strategies, and standards for the insurance industry.
• Coordinating research and analysis on cybersecurity, related technologies and advising on new trends.
• Supervising gathering and dissemination of technical information on cyber security incidents, vulnerabilities, security fixes and other security information, as well as issuing alerts and warnings.
• Coordinating and supervising cybersecurity incident management activities within the insurance industry, including review of response effectiveness.
• Supervising cybersecurity analysis and forensic investigations.
• Supervising compliance with approved cybersecurity systems and Critical Infrastructure Protection (CIP) requirements by regulated entities.
• Providing supervisory oversight and quality assurance of the Insurance Industry Cybersecurity Operations Centre (SOC).
• Reviewing and disseminating of insurance industry Cybersecurity posture reports.
• Coordinating cybersecurity advocacy, awareness, and capacity building in the insurance industry.
• Reviewing effectiveness of cybersecurity systems.
• Reviewing backup schedules of cybersecurity monitoring and management systems.
• Liaising with other SOCs, and industry stakeholders on matters of Cybersecurity monitoring and management.
• Reviewing specifications for acquisition of cybersecurity systems.
• Supervising implementation of cybersecurity systems.
• Supervising development, implementation and review of Computer Incident Response (CIR) Manual and Standard Operating Manual.
• Supervising development, monitoring and implementation of the insurance industry Cybersecurity Policies.
• Supporting coordination and implementation of approved partnerships and collaborative initiatives with cybersecurity stakeholders.

• Communication skills
• Interpersonal skills
• Analytical skills
• Report writing skills
• Presentation skills
• Conflict management skills
• Negotiation skills
• Leadership skills
• Mentorship and coaching skills

• Nine (9) years cumulative relevant work experience, three (3) years of which should have been at a level of Principal Cybersecurity Officer or in a comparable and relevant position.
• Bachelor’s degree in any of the following: Electrical Engineering, information technology, information systems security, software engineering, or equivalent qualification from a recognized institution.
• Master’s degree in any of the following: Electrical Engineering, information technology, information systems security, software engineering, or equivalent qualification from a recognized institution.
• Leadership Course lasting not less than four (4) weeks from a recognized institution.
• Certificate in at least two (2) of the following: Cisco Certified Network Associate (CCNA); Certified Information Systems Auditor (CISA); Certified Information Security Manager (CISM); Certified Information Systems Security Professional (CISSP); Certified Ethical Hacker (CEH); Any other equivalent qualification from a recognized institution.
• Membership to a relevant professional body where applicable and in good standing.