The Job:
Participation in the development, provisioning and successful execution of an information security programme
- Ensure effective communication to all key stakeholders in order to sustain relationships between business and IS
- Interact with compliance, operational risk, audit and legal counsel to understand corporate requirements related to security and regulatory compliance, and map those requirements to current security capabilities.
- Deploy measures, systems and processes to prevent the loss or theft of the Bank's intellectual property.
- Maintain relevant metrics to facilitate reporting and decision making.
- Ensure compliance with existing laws and regulations and ensure a secure IT environment.
- Facilitate, and promote activities to create information security awareness within the organization, including awareness of information security technologies and related regulatory issues that have a potential impact to the environment.
- Assess and detect vulnerabilities and ensure security is designed into the IT Infrastructure, applications and products.
- Recommend process improvements and ensure compliance and adherence to the policy
- Facilitate the reduction and impact of security incidents
- Actively engage and facilitate resolution or recovery of business operations in the event of an incident.
Serve as a facilitator and liaison between the business lines and the Group Information Security community for the successful mitigation of risks through both Run the Bank & Change the Bank activities
- Support cooperative dialogue between business and Information Security that is supported by visible and consistent action
- Contribute to and ensure implementation of the Information Security Strategy is in alignment with the vision of the business.
- Promotes approach to information security by developing and maintaining key relationships in relevant global and regional organisations
- Contributes to the wider management team and attends appropriate meetings/events/governance forums.
Delivery of a robust and fit for purpose approach to adopting information security best practices
- Acts as liaison between Information Security and various Governance, Control & Risk offices within the bank to create and maintain reporting, problem resolution, and other tasks necessary to continuous improvement and evolution of services
- Promotes a continuous awareness of information security value to ensure timely engagement by senior technical and business managers
- Participates in industry education and networking events, maintains relationships with external technology risk community and encourages continuous benchmarking of information security against leading technologies and practices.
Delivery of a operational controls to provide a level of independent assurance to local management
- Establish and maintain a series of operational controls to ensure the correct level of independent oversight covering:
- Disaster recovery testing
- Use of privileged accounts
- End user computing
- Bachelor's Degree in Business or Computer Information Systems/Information Technology
- Possess Business/ Commercial Knowledge:
Process management
· Including knowledge of ITIL processes including change, incident and problem management.
· Including knowledge of standard business processes including work prioritization, best practices
Knowledge of domestic and international banking industry
· Including knowledge of business, products, key clients, business strategy and strategic issues · Including knowledge of regulatory requirements of home markets (e.g., SARB, UK, Argentina)
- Experience working with individuals and teams from diverse cultures
- 2 to 5 years experience in an information technology or information security specialist role within the banking and /or financial services sector
- Experience working with international cross-functional teams fostering collaboration and team work
- Experience working in a multi-vendor and outsourced IT environment
- Experience in developing strategy and frameworks
- Information Security and /or Information Technology industry certification (CISSP, CISM, CISSP-ISSMP or GIAC equivalent) preferred.
_02.jpg)
No comments:
Post a Comment
This blog is only for reference & The info., in this blog is posted as received. If you have any clarifications you can contact the sender of the mail/details not the owner fo the blog...
Note : Blog owner is not responsible for the co., / consultancies standard, its subject to the applier's responsibility to enquire & apply for the positions in the co., / consultancies.