Group IT Cyber and Information Security Manager
The role exists to ensure that the Information Security Risks associated with delivering Technology Solutions and Services to Letshego Business is kept to an acceptable risk level, reducing the recurrence of Audit findings through root-cause analysis. In addition ensuring that the Information and Cyber Security policies and frameworks are aligned to Financial Services best practices and acceptance levels of the Letshego Business owners. Lead team in defining road map for achievement of security maturity based on agreed standards (ISO,NIST,COBIT etc) for IT processesReview of the Groups critical assets, risk assessment and recommendation of appropriate and adequate IT security controls to mitigate and minimise information security risks. Proactively anticipate potential threats and vulnerabilities and provide guidance in coordination with IT teams on effective responses or control measures and improvement of ICT program development, management and evaluation processesContinuous evaluation of effectiveness of ICT controls in addressing risks to ensure consistency in achieving compliance requirements (regulatory, standards and internal policies). Includes coordination of efforts with third parties for penetration testing exercises.Prepare risk reports, guiding the process on management response and driving the mitigation of agreed controlsProduce regular management reports on the status of information and cyber risk across the organisation.Ensure that IT Information and Cyber Security are aligned to Industry developments and opportunities associated with lower risk, higher efficiency or cost optimisationExpected to provide oversight and management to Projects to ensure that Risk reduction, adherence to Information Security Policies are incorporated into solutions developedTravel to different countries subsidiaries should be anticipated on a demand basisCollect information to analyze and evaluate existing or proposed systems, with respect to risk evaluation and compliance to existing or new Information and Cyber Security PoliciesEnsure that the Information Security Policies, Processes and Procedures adequately address the threats to the Group through IT Technology and its associated Customer touch pointsWork with Banking Operations teams and IT Applications to determine areas of System Automation for efficiency, control and risk mitigation with intent to improve overall Service deliveryLead Information and Cyber Security teams to ensure that Projects and initiatives are completed within agreed timelines and budget.Align with Group & Vendor Project Managers, Scrum Masters, Product Managers and staff to ensure that resource planning, prioritisation of activities and commitments to project delivery are aligned and subordinates understand their roles and accountability Establish a strong working relationship with Business Leads, Project Managers, Scrum Masters, Product Managers, Project team members and Vendors to ensure successful delivery of project objectives Adheres to strict governance policy and procedures when executing job responsibilities and accountabilities are met, Internal Control Frameworks, Access Control is implemented to ensure appropriate segregation of duties and or where agreed mitigating controls are in place.Understands and comply with all Group policies and procedures and ensure that these adhere to the highest level of controls.Address control weaknesses and/or audit queries promptly and accountable Technology teams close all items before the designated closure date.Drive access standards and rights to ensure segregation and or risk based control and ensuring access is reviewed and updated in accordance with Access policy.Oversee IT related purchasing budget preparation and monitoring with support from FinanceNegotiation skills are essential to ensure that all Services or Technology procured is achieving best values for the Group
Your application has been successfully submitted.