- To lead in the risk management of cyber security risks while collaborating with other departments to identify, recommend, develop, implement, and support a risk-informed decision and action framework.
- Assist in the management and rollout of cyber Training & Awareness initiatives.
- Provide Management with status update reports as well as insight reporting.
- To lead an ongoing evaluation of security policies, and relevant standards and support the continuous improvement of the security governance program.
- Ensure the alignment of Information Security Risk management with the enterprise risk management framework.
- To support Management during audits as well as implement and track Management audit actions to closure.
- To provide Management with assurance covering controls across the Business environments that they are adequately designed and operating effectively.
- To ensure that comprehensive Information Security Risk management programs are established.
- Deploying cyber security awareness training collateral with innovative approaches.
- Develop cyber risk portfolios to provide a more holistic view of teams’ risks.
- Cyber audit SPOC to the business with guidance on all audit submissions.
- Promote awareness of security policies, training, and the governance strategy amongst all levels of the organization to ensure sound security governance is reflected across the organization.
- Design of status reports as well as insight reporting as and when required by Management.
- Conduct regular compliance assessments with the Business to ensure that current and emerging risks are being monitored and managed.
- Process and Control Compliance Monitoring and Reporting.
- Maintain and further develop the Cyber Risk Management Program.
- Actively manage risks on the Cyber Risk Register from intake to resolution.
- Communicate risk assessment findings with key stakeholders to develop and monitor risk remediation plans.
- Assess policy needs, train stakeholders in the policy lifecycle and communicate expectations, and collaborate with stakeholders from subject matter experts to senior leaders to develop and manage security content.
- Taking a proactive approach to ongoing evaluation of cyber security policies to ensure security policy adherence.
- Tracking and monitoring of audit remediation action implementation.
- Lead reporting development with the use of automation and reporting tools.
- Proactive Control design and implementation guidance provided to the Business.
- Cyber audit report reviews and guidance to Management on the recommended actions.
- Proven experience managing and operating multiple security programs, projects, and initiatives.
- A deep understanding of Tech Security risks and mitigating solutions.
- GSM Network Infrastructure.
- Degree/relevant tertiary qualification in Information Technology and a minimum of 5+ years of experience in a Tech Security role where you meet business deliverables.
- Matric is essential.
- Knowledge of legal, regulatory, and privacy requirements, such as Personally Identifiable Information (PII) Protection and Payment Card Industry (PCI)/Data Security Standard.
- Web Security & Encryption.
- Windows, UNIX, and Linux operating systems.
- At least 5+ years of experience in cyber governance, risk, controls, and compliance management in a technology environment.
- Security concepts related to DNS, routing, authentication, VPN, proxy services, and DDoS mitigation technologies.
- Knowledge of common information technology management/compliance frameworks such as ISO/IEC 27001, SOC 2, SOX, ITIL, COBIT, and NIST.
- An ability to think strategically and drive change.
Vacancy Type: Full Time
Job Location: Midrand, Gauteng, SA
Application Deadline: N/A