Description:
Purpose of the Position:To ensure that comprehensive risk management programmes are designed and implemented to identify risk exposures at a process level and to perform a risk assessment to determine the residual risk.Monitor the implementation of the end-to-end governance, risk and compliance in relation to IS and proactively identify cyber security threatsDuties: Implement the information security (IS) strategy and proactively identify cyber-security threatsEnable the implementation of the information security and tech governance strategy for the groupSupport the development of all information security governance models with supporting documents e.g. policies, processes, standards and guidelinesProvide input to consultations with relevant stakeholders across the group on development, implementation and enforcement on all aspects of IS governance (policies, standards etc.)Provide input to the development of threat models for all critical technologies (application and supporting infrastructure).Support the Manager: GRC with info security input into the info Security plans.QualificationsBachelor's degree in Information Technology and/or IT Risk ManagementHonours degree (Adventurous)CISA, CRISC, CISM or CISSP will be an added advantageExperienceA minimum of 3 – 5 years of risk experience in GRC within a large corporate environmentIT industry security certification (CISA, CISSP, CRISC or GIAC) or equivalent working experienceGood information security knowledge across several security domains
10 Apr 2024;
from:
gumtree.co.za