logo

INFORMATION SECURITY AND RISK SPECIALIST   DETAILS

JOB NAME

INFORMATION SECURITY AND RISK SPECIALIST


POSTED BY: Development Bank of Southern Africa
REF:DBSA 88
Date Published:Monday, January 27, 2020
Date of Expiration:Saturday, July 25, 2020 EXPIRED
RECOMMEND THIS JOB ON FACEBOOK

LOCATION OF THIS JOB
 South Africa |  MIDRAND in South Africa
INDUSTRY
DEVELOPMENT FINANCE INSTITUTIONS
JOB TYPE
Full-Time
MAIN JOB DESCRIPTION
Reference Number DBS200120-2
Job Title Information Security and Risk Specialist
Job Grade 16
Job Type Classification Permanent
Location - Town / City Midrand
Location - Province Gauteng
Location - Country South Africa

JOB DESCRIPTION
The purpose of this role is to perform information security responsibilities such as developing, coordinating and implementing policies, standards, and procedures to safeguard the bank’s information systems and data.

Ensuring that information security policy is aligned with the bank’s business strategy & benchmarked with best practice.

Strategic Focus:
1. Define and implement ICT Security strategy for the bank
2. Establish a framework for the implementation of an Information Security Management System (ISMS) that reflects the bank’s security needs and objectives
3. Develop ICT Security Policies, Processes, Procedures and Standards in line with industry benchmarks and where applicable best practices
4. Assess potential areas of risks and opportunities of vulnerability in the network and on information technology infrastructure and applications
5. Oversees the planning, execution and management of projects related to compliance, control assurance, risk management, security and infrastructure / information asset protection
6. Provide strategic / tactical direction and consultation on information security and compliance
7. Design an effective ICT Security Architecture Financial Management:
8. Develop an effective stakeholder Service Level Agreement Management for ICT Security
9. Advise ICT management on cost effective solutions for Information Security solutioning
10. Implement cost effective ICT Security solutions Information Security Management:
11. Design and coordinate the processes for the detection, investigation and correction of ICT security breaches and incidents
12. Assess and implement the controls needed to protect the bank’s information as well as information from third parties
13. Plan and participate in ICT Continuity and Disaster Recovery process;
14. Perform periodic reporting to key stakeholders regarding the bank’s ICT Security state
15. Provide ICT security advisory services to the different BU’s within the bank
16. Initiates and conduct independent corporate security risk assessments
17. Coordinate corrective actions for identified security vulnerabilities and gaps.
18. Work with the CIO, Executive team, and Group Risk Management to determine acceptable levels of risk for the enterprise (Risk Champion)
19. Maintain ICT Risk Management at strategic and operational level
20. Ensure effectiveness and maturity growth of the bank’s ICT Security Program
21. Ensure ICT Assets are safeguarded to protect the information
22. Ensure privacy and security of data and segregation of duties in maintaining confidentiality, availability and integrity of information
23. Develop and provide appropriate awareness training / plans and communication Capacity Building:
24. Conduct continuous market research on trends and best practice relating to ICT Security
25. Establish communication programs that will raise and maintain awareness of information security throughout DBSA
26. Conduct awareness sessions to ensure that DBSA staff are educated of their roles and responsibilities relative to information security governance
REQUIREMENTS FOR THIS JOB
QUALIFICATIONS
1. B. degree (IT/Information systems) or BTech in IT or Information Security
2. Post graduate qualification in ICTSecurity information Management will be advantageous.
3. 4 – 6 Years of experience in ICT Information Security Management and / or IT Risk Management Skills & Knowledge
4. Relevant certification (CISM, CISA, CRISC)
5. Strong technical background and knowledge
6. Exposure to cyber risk frameworks (NIST, ISF, Iso27001/2, FFIEC)
7. Ability to create metrics, presentations to various stakeholders
8. IT Governance and risk management experience
9. Practical experience in IT or Information Security and Information Risk management role.
10. Exposure to cyber security or SOC monitoring.
11. Optional: CoBIT, TOGAF, ITIL
12. Must be analytical and investigative.
13. Must display good decision making and problem-solving skills.•

EXPERTISE & TECHNICAL COMPETENCIES
TECHNICAL COMPETENCIES
Planning & Organizing
1. Is relied on to help others plan and organise their workload.
2. Effectively uses advanced time management processes to deal with high workload and tight deadlines.
3. Organises, prioritises and schedules tasks so they can be performed within budget and with the efficient use of time and resources.
4. Achieves goals in a timely manner, despite obstacles encountered, by organising, reprioritising and re-planning

Negotiation Skills
1. Understands and can apply basic negotiating skills and techniques, e.g. obtaining a full understanding of the other party's agenda and needs before disclosing own perspectives.
2. Possesses an understanding of various unspoken communications from other parties and can decipher hidden agendas.
3. Is able to successfully conclude negotiations which require the development of an emotional as well as factual argument.
4. Is able to develop mutually-beneficial potential solutions.

Written Communication
1. Understands that different writing styles are required for different documents or audiences.
2. Write effective correspondence, prepares questions and reports, statements of circumstance and briefing notes.
3. Reviews others’ documents for clarity and impact.
4. Has a solid mastery of writing principles such as grammar, sentence construction etc.

REQUIRED PERSONAL ATTRIBUTES
BEHAVIOURAL COMPETENCIES
Customer Service Orientation
1. Tries to understand the underlying needs of customers and matches these needs to available or customized products and services.
2. Adapts processes and procedures to meet on-going customer needs.
3. Utilises the feedback received by customers, in order to develop new and/or improve existing services/ products that relate to their on-going needs.
4. Thinks of new ways to align DBSA’s offerings with future customer needs.

Self-awareness and Self Control
1. Withholds effects of strong emotions in difficult situations.
2. Keeps functioning or responds constructively despite stress.
3. May apply special techniques or plan ahead of time to manage emotions or stress.

Strategic and Innovative Thinking
1. Experiments with new approaches, tests scenarios, questions assumptions and challenges conventional thinking.
2. Creates new concepts that are not obvious to others, leveraging internal and external sources of information, to build incremental revenue and growth opportunities.

Driving delivery of results
1. Sets challenging goals that will have a significant impact on the business or support the organisational strategy.
2. Commits significant resources and/or time to ensure that challenging goals are achieved, while also taking action to mitigate risk.

Teamwork & Cooperation
1. Acts to promote a friendly climate and good morale, and resolves conflicts.
2. Creates opportunities for cross-functional working.
3. Encourages others to network outside of their own team/department and learn from their experience.


Get our latest news & updates

AfricaSkillz Office

 

 

Pagemill Nigeria Limited is the owner of the “AFRICASKILLZ” website and trademark. RC 1117964
© 2016 AFRICASKILLZ — ALL RIGHTS RESERVED