Specialist Cyber Security (Governance, Risk and Compliance)
Location: Midrand
Duration: 12 months
Key Accountabilities and Decision
- Continually review and update security policies, standards, and guidelines in response to ever-changing cyber threats, in coordination with the Enterprise Risk Management team.
Core competencies, knowledge and experience:
- Bachelor's degree in Electrical Engineering / Computer Science / Information Technology (or equivalent) from a recognized university.
- At least one professional Information Security qualification: CISM / CISA / CISSP / CEH
- Monitor and drive compliance with internal and global cyber security related policies and standards, baseline controls and applicable laws and regulations.
- Coordinate stakeholders to deliver on targets or agreed business outcomes.
- Coordinate periodic independent assurance of critical products and services.
- At least 2 years of proven experience with cyber security related standards (ISO 27001, PCI-DSS, etc.)
- Proven experience with GDPR, data protection laws and CBK guidelines on cyber security, amongst others.
- At least 2 years of hands-on experience in managing cyber security technologies and operations.
- Coordinate implementation of recommendations from independent assessments.
- Conduct cyber risk assessments to determine cyber risk profile and define treatment plans.
- Recommend cyber security services improvement plans.
- Coordinate projects handover process within the cyber security functions.
- Continually review, implement and improve the user access governance process.
- Coordinate periodic cyber security knowledge transfer, awareness sessions and phishing simulations to staff in line with strategy.
- Support implementation of the Managed Security Services strategy and roadmap.
- Participate actively in cyber security events and trade shows, reporting and presentations.
- Proven experience in supervising, leading, or coordinating teams and managing stakeholders.