Information Security Officer

• 7 years' experience in Technology Security or Risk Management roles of which should include:

• 4 years in Technology Policy writing.
• 4 years' experience in designing, implementing and closing Technology general control gaps.
• 3 years' experience in directly assessing and communicating Risk Exposures and developing risk mitigation plans.
• 3 years' experience in coordinating large projects or initiatives across multiple areas.
• 4 years' experience in people management, including coaching and mentoring.
• IT Bachelor's Degree or Degree in Computer Science or IT Best practise.
• Professional Registration or Membership- Information Security Forums, ISACA, ISC2 would be advantageous.
• Security related certification- advantageous.

• Implement the Technology Strategy & Innovation for your area of responsibility.
• Organize outputs aligned to the Technology risk strategy, internal controls and budget of internal resourcing and partnerships to assure Technology Compliance to best practise and regulatory compliance.
• Execute Analysis & Planning Activities.
• Research, develop and maintain a knowledge base of the IT threat landscape, security trending, regulatory requirements, mobile and other new technologies to mitigate and plan against threats.
• Implement the Design for your Area of Responsibility.
• Design and manage a roadmap for information security related to internal controls, compliance, regulatory and a proactive risk mitigation plan for the Technology department.
• Implement & execute on activities within your area of responsibility.
• Build and measure business relationships with key internal and external stakeholders to proactively consult and mitigate security threats.
• Develop and maintain an internal security audit framework to implement standards toward zero downtime and zero audit findings.
• Ensure risk and quality management.
• Consolidate and review monthly payments to vendor providing an analysis on the spend.
• Drive the proactive audit framework and compliance.
• Implement and manage the technology self-audit framework.
• Create and manage partnerships to manage, maintain and optimise Technology Risks toward a future focused innovative Strategy.
• Create awareness of IT Security good practices to the IT end user and technical community.
• Measure the effectiveness of the awareness plan through sampling, surveys, tests, attendance registers or change management initiatives.
• Create a Conductive environment which translates into productivity and high morale.
• Act as a change management architect in periods of change to ensure continuity to operations.

Teleresources