The IT Executive: Security, Risk and Governance is a senior leadership role reporting directly to the Group Chief Information Officer. This role is accountable for establishing and executing PPS's IT security, risk, and governance strategies to protect business operations and enable strategic growth. The incumbent leads the development, implementation, and continuous improvement of cybersecurity frameworks, IT general controls, disaster recovery, and business continuity plans, ensuring resilience, compliance, and proactive risk management across all IT services.
As a key member of the IT executive team, this role provides strategic direction and operational oversight for information security, governance, and risk management, ensuring PPS remains secure, compliant, and prepared for emerging threats. The IT Executive will lead and develop high-performing teams, act as the escalation point for critical security incidents, and serve as the principal advisor to the Group CIO and broader executive on all matters related to IT security, risk, and governance.
Minimum Requirements
Education
Knowledge and Experience
8-10 years of senior leadership experience in IT Security, Cybersecurity, Disaster Recovery, Governance, Risk, and Business Continuity Management within complex organisational environments.
Demonstrated expertise in designing, implementing, and governing security, risk, and compliance frameworks (including NIST, ISO 27001, COBIT, and ITIL) at an enterprise level.
Deep knowledge of data privacy, information protection regulations (e.g. POPIA, GDPR), and cybersecurity best practices.
Proven track record of leading high-performing teams, developing talent, and fostering a culture of accountability and continuous improvement.
Information security certifications such as CISSP, CISM, CCISO, or CGEIT.
Experience in budget management, vendor contracting, and financial governance for security, risk, and governance portfolios.
Experience in requirements analysis, solution design, and architecture reviews within IT security contexts.
Duties and Responsibilities
IT Security, Risk, and Governance Strategy
Define, implement, and continuously improve PPS's IT security, risk, and governance frameworks, including policies, standards, cybersecurity controls, disaster recovery, and business continuity, ensuring alignment with business strategy and regulatory compliance.
Cybersecurity Leadership and Oversight
Oversee the implementation, integration, and optimisation of cybersecurity solutions and controls, including endpoint protection, data loss prevention, SIEM, vulnerability management, identity and access management, and penetration testing, ensuring effective protection against evolving threats and adherence to PPS's security framework. Improve the maturity of PPS's Information Security posture.
Risk Management, Compliance, and Assurance
Maintain and govern the IT risk register, drive proactive risk management practices, perform operational risk assessments, and ensure risks are assessed, mitigated, and reported to the Group CIO, Audit and Risk Committees, and Group Exco as appropriate. Schedule and oversee IT risk and compliance audits, ensuring remediation and resolution of findings.
Disaster Recovery and Business Continuity
Lead the design, implementation, testing, and continuous improvement of disaster recovery and business continuity plans for all critical IT systems and services, including setting operational acceptance criteria in collaboration with development, testing, and service introduction teams to ensure organisational resilience and readiness for business continuity events.
Information Security Advisory, Awareness, and Industry Insight
Provide strategic advisory on security for projects, technologies, IT assets, applications, and vendors through robust risk assessments and solution design reviews. Oversee security awareness training programmes to ensure a strong security culture, and maintain up-to-date knowledge of emerging security trends, threats, and solutions to keep PPS ahead of evolving risks.
Stakeholder Engagement and Vendor Management
Engage proactively with business and IT stakeholders to communicate security and risk strategies, build shared understanding, and ensure that priorities enable and support business objectives. Oversee contracting and management of external vendors, service providers, and partners to deliver and maintain technology solutions and ensure business continuity.
Financial Management and Governance
Manage OPEX and CAPEX budgets for IT security, risk, and governance functions, ensuring effective financial governance, optimisation of spend, and alignment to strategic priorities.
People Leadership, EVP Implementation, and Team Development
Lead, develop, and manage the IT Security, Risk, and Governance team, implementing PPS's IT Employee Value Proposition to attract, retain, and grow high-performing talent. Foster a culture of high performance, accountability, innovation, and continuous improvement, ensuring the team is structured, resourced, and motivated to meet strategic and operational demands.