Our company is seeking an experienced and highly skilled Cyber Security Principal Lead/Specialist to oversee our cyber security strategies and initiatives within the financial services, insurance, and lending sector.
The ideal candidate should have a deep understanding of cyber security practices and trends and possess the leadership skills necessary to guide a team of professionals in implementing and maintaining an effective and comprehensive cyber security program.
Key accountabilities and decision ownership:
o Take a proactive approach to ongoing evaluation of cyber security policies to ensure security policy adherence
o Support/assist with the development and management of the 3-to-5-year Cyber Security Strategy across the company's entity.
o Achieve and maintain the target Cyber Security Maturity level
o Build relevant Business Cases for key initiatives and existing planned cyber programmes.
o Support the design, development and implementation of a Security Programme
o No Internal Audit findings related to the company, or as per target
o Ensure a Cyber Security Incident Response Practice
o Promote awareness of security policies, training, and the governance strategy
o Actively manage risks on the Cyber Risk Register from intake to resolution
o Communicate risk assessment findings with key stakeholders to develop and monitor risk remediation plans.
o Conduct regular compliance assessments with the Business to ensure that current and emerging risks are being monitored and managed.
o Proactive Control design and implementation guidance provided to the Business.
o Process and Control Compliance Monitoring and Reporting
o Management on the recommended actions
o Tracking and monitoring of audit remediation action implementation
o Design of status reports as well as insight reporting as and when required by Management.
o Lead reporting development with the use of automation and reporting tools to generate Cyber Risk metrics, i.e. KPIs, KRIs
o To provide Management with assurance covering controls across the Business environments that they are adequately designed and operating effectively.
o To support Management during audits as well as implement and track Management audit actions to closure
Core competencies, knowledge, and experience:
- Degree: Relevant tertiary qualification in Information Technology and a minimum of 8+ years of experience in a Cyber Security role where you meet business deliverables.
- At least 8+ years' experience in cyber governance, risk, controls, and compliance management in a technology environment
- 8+ years of experience in IT Audit and Assurance management in a Cyber or technology environment
- Knowledge of common information technology management / compliance frameworks such as ISO/IEC 27001, SOC 2, SOX, ITIL, COBIT, and NIST.
- Knowledge of legal, regulatory and privacy requirements, such as Personally Identifiable Information (PII) Protection and Payment Card Industry (PCI)/Data Security Standard.
- High-level understanding and knowledge of Cloud Risk, Compliance and Assurance
- Proven experience managing and operating multiple security programs, projects, and initiatives and related security tooling
- An ability to think strategically and drive change
- A deep understanding of Tech Security risks and mitigating solutions
- A diverse security background with knowledge in several areas including layered security architecture; internet protocols; firewalls; VPN technologies, IDS/IPS, network access control and network segmentation, anti-malware and spam technologies; risk and vulnerability assessments, and compliance
- Security concepts related to DNS, routing, authentication, VPN, proxy services and DDOS mitigation technologies
- Windows, UNIX and Linux operating systems
- Web Application Security & Encryption
- Strong organizational skills and an entrepreneurial drive with a history of recruiting and developing high-performing teams
- Ability to build and manage a highly motivated and innovative technical/extended team
- Ability to work under time and resource pressure
- An ability and desire to communicate and work with a broad set of stakeholders
- A customer-focused, responsive, and transparent attitude
- Ability to grasp technical concepts rapidly and to articulate these concepts to technical and non-technical audiences
- Skilled in communicating with all levels of management.