Business Information Security Officer

Nedbank
Johannesburg
ZAR 300 000 - 400 000
Job description

Nedbank

Get a financial partner who will help, guide and support you on your personal journey.

Closing Date - 15 November 2024

Please Note: Preference will be given to applicants from Underrepresented Groups.

Job Family

Risk, Audit and Compliance

Job Classification

Requisition - 136758 - Nozi Masabalala

Cluster - Nedbank Wealth Cluster - Legal Risk Compliance

Career Stream

Information Security Risk

Leadership Pipeline

Manage Self: Leading Expert

Job Purpose

Provide leading expertise and guidance to ensure the security of Nedbank Groups Information Assets. The Group Executive, via the Group Chief Risk Officer, designates the Chief Information Security Officer (CISO), as an independent second line role, to be responsible and accountable overall for the Cyber Resilience Risk Management within the Group.

Job Responsibilities

  • Deliver and meet the strategic financial objectives by managing the budget for the Cluster in line with agreed principles.
  • Responsible for providing oversight and promoting cyber resilience across the Group.
  • Develop and maintain cyber resilience strategy in collaboration with business and Group Technology (GT).
  • Responsible for the digitisation of cyber resilience risk management.
  • Co-ordinate cyber resilience across Nedbank.
  • Provide expert advice on all aspects of cyber resilience, including providing input to specialised cyber business initiatives.
  • Act as subject matter expert for the Cyber Resilience Scenario.
  • Create and manage the Group's Cyber Resilience Programme.
  • Monitor the effectiveness of cyber resilience arrangements and report to the Group Executive Committee and Board.
  • Provide oversight in the investigation of cybersecurity incidents.
  • Responsible for cybersecurity awareness programme.
  • Develop and co-ordinate Group wide cyber risk assessments.
  • Co-ordinate compliance efforts to cyber related regulatory programmes.
  • Meet business objectives by influencing Information Technology (IT) delivery.
  • Responsible to lead operational risk activities and takes greater responsibility for risk and governance.
  • Manage material incidents and crises by leading the Cyber Crisis Management Team.
  • Influence and set the tone for Cyber Security across the Group.
  • Manage cyber co-ordinated assurance.
  • Act as the Chair of the Cyber Crisis Management Team, and responsible for developing and maintaining of the Playbooks.
  • Be a thought leader on Information Technology (IT) matters across industries.
  • Ensure the delivery of key IT projects.
  • Ensure that relevant IT policies are in place to mitigate people risk.
  • Meet compliance requirements by ensuring that the constructs of risk, governance and compliance are adequately addressed.
  • Has sufficient authority, independence, resources and access to the Board - Group Risk and Capital Management Committee (GRCMC), Group IT Committee (GITCo) and Group Audit Committee (GAC).
  • Provide an effective challenge that questions existing cyber resilience processes and information, while conducting specific testing of procedures and processes, consistent with the unique aspects of the Group's CRRMF and risk profile.

Essential Qualifications - NQF Level

  • Professional Qualifications/Honour’s Degree

Preferred Qualification

  • Computer Science and/or Commerce

Preferred Certifications

  • Certified Information Security Manager (CISM); Certified Information Systems Security Professional (CISSP). Preferred: Certified Risk & Information Systems Control (CRISC) Certified Information Systems Auditor (CISA)

Minimum Experience Level

11 years experience in banking and an IT environment covering Business Continuity, Disaster Recovery, Information Security, Digital Forensics and Risk Management. 8-10 years being in management.

Technical / Professional Knowledge

  • Business continuity standard
  • Digital computing (hardware components)
  • Digital forensic tools and techniques
  • Ethics and Fraud
  • Forensic examination
  • Information systems
  • International Security Forum (ISF) Standards
  • Nedbank policies and procedures
  • Nedbank vision and strategy
  • Relevant software and systems knowledge
  • Relevant regulatory, compliance and risk legislation

Behavioural Competencies

  • Strategic Influence
  • Driving Execution
  • Cultivating Networks and Partnerships
  • Leading Change
  • Operational Decision Making
  • Digital Acumen
  • Leading Virtual Teams

Please contact the Nedbank Recruiting Team at +27 860 555 566

Get a free, confidential resume review.
Select file or drag and drop it
Avatar
Free online coaching
Improve your chances of getting that interview invitation!
Be the first to explore new Business Information Security Officer jobs in Johannesburg