IT Security Officer

Role Overview

The IT Security Officer is responsible for driving the group-wide IT security strategy and implementation, protecting Serena Hotels from cyber threats and attacks, and ensuring compliance with IT policies, procedures, and standards. Reporting to the Group IT Manager, the role provides advisory support, oversees IT security projects, and ensures resilience through disaster recovery and business continuity planning across all Serena Hotels operations in Africa.

Key Responsibilities

• Strategy & Advisory: Formulate and implement IT security strategy and oversee IT security projects. Provide IT security advisory and guidance, keeping abreast of the latest cybersecurity technologies.
• Audit & Assessment: Conduct formal IT security audits, risk assessments, and follow up on implementation of audit recommendations. Perform vulnerability assessments and penetration tests (VAPT) to secure potential cybersecurity loopholes.
• Operational Security: Administer IT security solutions daily, including secured email gateways, endpoints, firewalls, patch management, and zero-trust solutions.
• Incident Management: Manage IT security incidents and coordinate response efforts.
• Policy & Compliance: Review, update, and enforce IT security policies, procedures, and standards. Guide the securing of Serena’s e-commerce platforms and ensure compliance with data protection regulations.
• Training & Awareness: Develop and deliver IT security training and awareness programs to staff.
• Business Continuity: Ensure disaster recovery and business continuity plans are up to date.
• Regional Support: Travel to Serena sites across Africa to support local IT security operations.

Qualifications and Experience

• Education: Bachelor’s degree in Computer Science or a closely related discipline.
• Certifications: Professional certification such as CISM or CISSP is required.
• Experience: Minimum of 3–5 years’ experience in a dedicated IT security role.
• Technical Expertise: Hands-on experience configuring and managing IT security solutions like firewalls, endpoints, mail gateways, and zero-trust systems.
• Audit Knowledge: Experience conducting IT risk assessments and VAPT.
• Frameworks: Knowledge of industry standards (ISO 27001) and frameworks (NIST CSF 2.0).
• Policy Development: Proven experience in formulating and implementing IT security policies and procedures.

How to Apply

Interested and qualified candidates should apply online through the portal. Click here to apply. Make sure to submit your application before the deadline on March 11, 2026.