Job Description

Purpose of the Position:

• To ensure that comprehensive risk management programmes are designed and implemented to identify risk exposures at a process level and to perform a risk assessment to determine the residual risk.
• Monitor the implementation of the end-to-end governance, risk and compliance in relation to IS and proactively identify cyber security threats

Duties:xc3x82

• Implement the information security (IS) strategy and proactively identify cyber-security threats
• Enable the implementation of the information security and tech governance strategy for the group
• Support the development of all information security governance models with supporting documents e.g. policies, processes, standards and guidelines
• Provide input to consultations with relevant stakeholders across the group on development, implementation and enforcement on all aspects of IS governance (policies, standards etc.)
• Provide input to the development of threat models for all critical technologies (application and supporting infrastructure).
• Support the Manager: GRC with info security input into the info Security plans.

Qualifications

• Bachelor's degree in Information Technology and/or IT Risk Management
• Honours degree (Adventurous)
• CISA, CRISC, CISM or CISSP will be an added advantage

Experience

• A minimum of 3 xc3xa2xe2x82xacxe2x80x9c 5 years of risk experience in GRC within a large corporate environment
• IT industry security certification (CISA, CISSP, CRISC or GIAC) or equivalent working experience
• Good information security knowledge across several security domains

ExecutivePlacements.com