Information Security and Business Continuity Officer

  • Full Time
  • Anywhere
  • Applications have closed

FINCA Limited, a subsidiary of FINCA Impact Finance, is a deposit taking micro finance company limited by shares operating through 23 service outlets which serve borrowers and depositors in rural, urban, and peri-urban areas in the Malawi. FINCA is expanding and diversifying its products in Malawi. To strengthen our team and prepare the companies for the challenges ahead, FINCA Malawi is looking for interested qualified person for the below listed position:

Information Security and Business Continuity Officer — 1 Position, based in Blantyre

Job Description

FINCA Malawi

Job Title                      :           Local Information Security and Business Continuity Officer

Reports To                  :           Risk and Compliance Manager

Functional Reports To :           Global Information Security Director / CISO


Information Security and Business Continuity Officer is primarily responsible for coordinating Information Security initiatives within the subsidiary and ensuring that the subsidiary is compliant with Information Security and Continuity requirements as stipulated in governing security and continuity policy documents.

Information Security and Business Continuity Officer’s responsibilities include managing information security risks and compliance relating to information security, physical security, business continuity planning, crisis management, privacy and compliance. The role also directs the adoption and implementation of FINCA’s corporate policies and procedures within the subsidiary.


  • Serving as the formal single point of contact on Information security and continuity for the subsidiary Ensuring the ongoing integration of information security with subsidiary business strategies and requirements
  • Facilitating implementation of Security and Continuity Policies, standards and procedures within the subsidiary and ensuring delivery of locally assigned information security tasks and activities
  • Coordinating and supporting Security and Continuity Risk and Compliance Activities within the subsidiary
  • Coordinating the delivery of awareness and training program on Information Security and Continuity in the subsidiary
  • Coordinating business and IT continuity planning and DR efforts across subsidiary business units and infrastructure
  • Coordinating Information Security incident response and reporting in subsidiary
  • Other duties as assigned


  • Global Information Security Director
  • Global Chief Technology Officer
  • Global Information Security Team
  • Subsidiary Management Team & Board  Subsidiary IT Security Analyst
  • Risk and Compliance Department
  • Global Business Continuity and Crisis Management Team
  • Internal Audit
  • Regional and Subsidiary IT Management Teams


  • Acting as trusted security and continuity advisor for Subsidiary Management
  • Maintaining Information security management framework with defined KPIs
  • Periodic Reporting on Information Security, Risk and Compliance Status of Business Continuity Assessment and Testing Exercises o Security and Continuity Awareness Activities
  • Facilitating and supporting  o implementation and formalization of security and continuity plans, policies, guidelines and procedures o risk and compliance activities to conform with security policy documents Acting as a SPOC for facilitating security and continuity related incident response


  • None


  • Bachelor’s degree in computer science, cybersecurity, management information systems, business administration, or related discipline preferred. Master’s degree desirable.
  • 5 plus years of demonstrated experience in an information security, risk management or compliance role, preferably within an international environment.
  • Experience with microfinance or banking organizations preferred.
  • Working knowledge of national and international security regulatory compliances and frameworks such as ISO 27001, NIST, COBIT and PCI DSS.


  • Industry Certifications (e.g. CISSP, CISM, SANS GIAC, CBCI) holders preferred
  • Security vendor certifications (e.g. Cisco, TrendMicro, Splunk, Qualys) is a plus.


  • High Integrity and Ethics
  • Security Acumen
  • Communication and presentation skills
  • Team Player
  • Virtual Team Working


Fluency in English is required. Fluency in a local language is highly desired


Ability to travel 10% of the time


Ability to travel in public road transport

For details for the above jobs, please visit our recruitment portal on this link

Qualifying and interested persons should apply for the position through above link closing date for applications is 9th August, 2019

For any questions or further information contact the Human Resources Manager on 01 822 256

Only short listed applicants will be acknowledged.

FINCA International Inc. is an Equal Opportunity Employer.