Job Description

Purpose of the Position:

• Develop and implement IS and Tech GRC strategy and, manage the end to end governance, risk and compliance function in relation to info sec and provide reports to the CISO and the relevant steering committees.

Qualifications

• University degree in information technology, engineering
• Professional certifications such as Certified Public Accountant (CPA), Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP) and / or Certified Fraud Examiner (CFE) are highly encouraged to apply.

Experience

• At least 5 years of relevant consulting or industry experience, preferably in a professional services environment
• At least 2+ years in managerial role

Duties:xc3x82

• Assist the CISO to establish an information security (IS) and tech gov strategy and proactively identify cyber-security threats
• xc3x82 Implement the information security and tech governance strategy for the group under the guidance of the CISO
• Develop all information security governance models with supporting documents e.g. policies, processes, standards and guidelines with guidance from the CISO.
• Consult with relevant stakeholders across the group on development, implementation and enforcement on all aspects of IS governance (policies, standards etc)
• Manage the end to end governance, risk and compliance in relation to info sec and provide reports to the CISO and the relevant steering committees.
• Ensure that information security is aligned with COBIT framework and implemented according to agreed maturity levels.
• Establish an information security risk management strategy and process to report on info sec risks e.g risk acceptance. Regular reporting to the CISO in this regard.
• Develop threat models for all critical technologies (application and supporting infrastructure).
• Support the CISO with info security input into the info Security plans.
• Develop business cases to secure the budget for improvements in the cyber-security maturity.
• Manage internal ISMS programme and COBIT implementation project and ensure delivery on time and within budget
• Keep abreast of emerging technology trends and the implications on information security.

ExecutivePlacements.com