We are looking for an Information Security Officer to work on the implementation of a risk management framework.
The role will involve the assurance and assessment of infrastructure and applications as well as advising technical and business teams on options for secure systems.
- Acting as a security SME supporting service owners in obtaining and maintaining conformance to business risk tolerances.
- Providing briefings to governance boards and key stakeholders on risks to new and existing services.
- Ensuring alignment to appropriate standards and recommending suitable control improvements. Evaluating and raising risks to confidentiality, integrity or availability.
- Advising and guiding business services on maintaining compliance with relevant legislation.
- Contributing to the implementation and development of supporting policies and standards.
- Maintaining a frequent security partner relationship with specified high value services through their service life.
Skills and Experience
- Stakeholder management - internal and external.
- Analysis skills from various sources of information and providing assessments for the business.
- Excellent written and verbal communication skills.
- A broad knowledge of technologies, including common vulnerabilities and exploits.
- A comprehensive knowledge of security controls for modern digital services.
- Knowledge of Cloud technologies
- Technical background
- Leadership skills
Qualifications in the following would be an advantage:
SABSA Chartered Security Architect, CISSP, CISM, CASP+, ISEB Practitioner Certificate in Information Risk Management.