Head: Information Security &Amp; Facilities Management

Prebless recruitment - Midrand
new offer (03/06/2020)

job description

MAIN PURPOSE OF THE JOBInformation Security Leadership responsible for Developing and execution of enterprise-wide information security and risk management strategies across the organization for African Bank to ensure strategic alignment of security controls and business needs Leading the strategic development of the Information Security Program to manage cybersecurity risks and support customer requirements relating to data confidentiality integrity availability and privacy in alignment with organization s values brand and regulatory standards Facilities Management Leadership Responsible for Oversight management of the required services to sure that the workplace meets the needs of employeesOversight management of services and processes that support the core business of African Bank and that ensure that African Bank has the most suitable working environment for its employees clients partners and their activities Providing strategic direction and day-to-day operations support in relation to buildings and premisesMINIMUM EDUCATION MINIMUM EXPERIENCE Bachelors Degree in Computer Science Information Technology Management Information Systems or similar discipline with a minimum of 15 years of proven success in leadership role Certified Information Systems Security Professional CISSP Certified Information Privacy Professional CIPP and Certified Information Security Manager CISM or other Information Security IT audit certification e g CISA CGEIT CRISC is desirable Knowledge and competency in assessing controlling and managing a variety of risks with experience in risk exposure identification risk evaluation and risk control Thorough knowledge of the Banking industry policies procedures as well as applicable banking regulations is desired 15 years in Financial Services related information technology experience with primary responsibilities in a security related role Some experience in the banking industry is strongly preferred Must have experience in banking sector regulations CRITICAL COMPETENCIESTechnical and or Essential Knowledge Technical and or Essential Knowledge Management experience to be able to Influence others and maintain organizational relationships with both business and IT Maintain organizational respect and trust Handle multiple tasks concurrently Rely on experience and judgment to plan and accomplish initiatives Serve as a resource to others in the resolution of complex problems Delegate and review the work of employees Maintain a professional composure with vendor or internal customers in difficult situations Deep technology heritage to garner the respect of top security technologists as well as the top leaders within the financial industry Extensive knowledge of Information Security standards and best practices i e ISO 7799 27002 NIST etc Knowledge of COBIT and COSO frameworks Computer literate with proficiency in Microsoft Office and Microsoft Project Microsoft Office Information Security GRC Platforms experienceAn understanding of financial services industry core banking applications and systems Functional Skills Knowledge Must be an intelligent articulate and persuasive leader who can serve as an effective member of the senior management team and work collaboratively with regulators Excellent communication skills both written and verbal with the ability to communicate security-related concepts to a broad range of technical and non-technical staff Exceptional presentation skills and ability to formulate presentation for executive and board members that clearly communicates complex and technical terms into business language Strong interpersonal and organizational skills to promote security policies across a diverse array of technology and business units Advanced skills to set work priorities and make independent decisions regarding recommendation for security controls risk migration action plans and project constraints Excellent Leadership Contract Negotiation Strategic Planning Project Management time management and budgetary skills Experience with business continuity planning auditing and risk management Must possess the ability to build and develop a high-performing team of security professionals Must have substantial exposure to data processing hardware platforms enterprise software applications including cloud computing environments Exceptional analytical and problem solving skills attention to detail wide knowledge of technology security compliance and regulatory standards High level of attention to detail and accuracy Willingness and ability to adapt to rapid changes in order to support and use emerging technologies Independent self-starter with excellent problem solving skills KEY PERFORMANCE INPUTS ACTIVITIESStrategic KEY PERFORMANCE INPUTS ACTIVITIES PERFORMANCE INPUTS ACTIVITIESResponsible for the strategic leadership of the organization to establish an inclusive and comprehensive information security program policies procedures and controls in support of business development growth and regulatory standards Lead information security planning processes information security program for the organization and work with executive leadership to prioritize security initiatives and spending based on appropriate risk management and or financial methodology Establish annual and long-range information security and compliance goals define security strategies metrics and reporting mechanisms Create maturity models and a roadmap for continual information security program enhancements that will inspire the balance between the need to protect the organization and the need to run the businessStay abreast of current industry best practices information security issues and regulatory changes affecting the financial services industry and communicate potential impact or need for strategic realignment to executive leadership Provide a leadership philosophy for the Information Security department that creates a strong bridge between IT Business and Banking Operations to ensure an information security culture that values the contributions of others promoting a collaborative working environment bringing organization leaders together to share information and resources for better information security decisions that remove barriers and realize possibilities Reviews and forecasts trends and tendencies to provide visionary and forward looking approaches of the potential information security impact to the organization given the existing control environment RF Policy Compliance and Audit ORMANCE Ensure Information Security Program is in compliance with industry standards and other industry specific regulations Lead the development and implementation of effective and reasonable Information Security policies and practices to secure sensitive data and ensure information security compliance with regulatory and legal standardsWork with Internal Audit regulatory agencies and outside consultants as appropriate for independent security audits required security assessments and forensic analysis as needed Maintain excellent relationships with audit entities and provide a consistent perspective in alignment with the organization s mission and values Provide guidance evaluation and subject matter expertise on audit responses Monitoring and Incident Response ACTIVITIESProvide strategic direction for the Information Security Monitoring Program including the security operations center vulnerability management and access entitlement reviews including ensuring appropriate oversight of the management of access privileges internally and externally to customers Provide strategic direction and oversight of the organization Incident Response Plan and act as primary control point during significant information security incidents Oversee the investigation of security breaches and assist with disciplinary and legal matters associated with such breaches as necessary Risk Management and Access ManagementOversee the development and reporting of Key Risk and Key Performance Indicators for the Information Security Program in alignment with the organization Enterprise Risk Management Program Provide Strategic direction for the organization s Information Security Risk Assessment Program to include Regulatory assessments and Cybersecurity Self Assessments Oversee the design and development of Information Security requirements for the acquisition management and maintenance of third party service provider to support the organization s enterprise wide vendor management program Provide strategic direction to the Information Security office to ensure security control recommendations are implemented for all the organization s new projects products and services Provide strategic direction for the Identity Access Management program and standards for delivering of enterprise-wide identity and access for employees and vendors to the organization s systems and applications ManagementThe oversight of multiple work units and associated staff within Facilities Management General oversight of facilities systems and operations trades PM preventative maintenance program coordinate internal safety compliance 24 7 critical environments Provide general oversight for the Facilities Management including planning monitoring control and review of work unit s functional responsibilities and key metrics N B Collaboration Finance and Human Capital Responsibilities Member of SABRIC CSIRT Steering CommitteePresent to Board Risk Board Audit and Executive Committees as necessaryManage assist and supervise staff on a daily basis Evaluate staff performance and recommend compensation accordinglyEfficient and effective performance management of staff with direct responsibility including hiring performance management coaching annual reviews salary administration and staff developmentResponsible for formulating budgets and financial plans selection and requisition of major equipment and materials and monitoring of ongoing expensesJob Types Full-time PermanentExperience Banking 6 years Required Security 9 years Required

Apply now for
Head: Information Security &Amp; Facilities Management

Warning: you will leave the jobtome site.

These offers may interest you:

Go back