Business Information Security Officer
Nedbank
Get a financial partner who will help, guide and support you on your personal journey.
Closing Date - 15 November 2024
Please Note: Preference will be given to applicants from Underrepresented Groups.
Job Family
Risk, Audit and Compliance
Job Classification
Requisition - 136758 - Nozi Masabalala
Cluster - Nedbank Wealth Cluster - Legal Risk Compliance
Career Stream
Information Security Risk
Leadership Pipeline
Manage Self: Leading Expert
Job Purpose
Provide leading expertise and guidance to ensure the security of Nedbank Groups Information Assets. The Group Executive, via the Group Chief Risk Officer, designates the Chief Information Security Officer (CISO), as an independent second line role, to be responsible and accountable overall for the Cyber Resilience Risk Management within the Group.
Job Responsibilities
- Deliver and meet the strategic financial objectives by managing the budget for the Cluster in line with agreed principles.
- Responsible for providing oversight and promoting cyber resilience across the Group.
- Develop and maintain cyber resilience strategy in collaboration with business and Group Technology (GT).
- Responsible for the digitisation of cyber resilience risk management.
- Co-ordinate cyber resilience across Nedbank.
- Provide expert advice on all aspects of cyber resilience, including providing input to specialised cyber business initiatives.
- Act as subject matter expert for the Cyber Resilience Scenario.
- Create and manage the Group's Cyber Resilience Programme.
- Monitor the effectiveness of cyber resilience arrangements and report to the Group Executive Committee and Board.
- Provide oversight in the investigation of cybersecurity incidents.
- Responsible for cybersecurity awareness programme.
- Develop and co-ordinate Group wide cyber risk assessments.
- Co-ordinate compliance efforts to cyber related regulatory programmes.
- Meet business objectives by influencing Information Technology (IT) delivery.
- Responsible to lead operational risk activities and takes greater responsibility for risk and governance.
- Manage material incidents and crises by leading the Cyber Crisis Management Team.
- Influence and set the tone for Cyber Security across the Group.
- Manage cyber co-ordinated assurance.
- Act as the Chair of the Cyber Crisis Management Team, and responsible for developing and maintaining of the Playbooks.
- Be a thought leader on Information Technology (IT) matters across industries.
- Ensure the delivery of key IT projects.
- Ensure that relevant IT policies are in place to mitigate people risk.
- Meet compliance requirements by ensuring that the constructs of risk, governance and compliance are adequately addressed.
- Has sufficient authority, independence, resources and access to the Board - Group Risk and Capital Management Committee (GRCMC), Group IT Committee (GITCo) and Group Audit Committee (GAC).
- Provide an effective challenge that questions existing cyber resilience processes and information, while conducting specific testing of procedures and processes, consistent with the unique aspects of the Group's CRRMF and risk profile.
Essential Qualifications - NQF Level
- Professional Qualifications/Honour’s Degree
Preferred Qualification
- Computer Science and/or Commerce
Preferred Certifications
- Certified Information Security Manager (CISM); Certified Information Systems Security Professional (CISSP). Preferred: Certified Risk & Information Systems Control (CRISC) Certified Information Systems Auditor (CISA)
Minimum Experience Level
11 years experience in banking and an IT environment covering Business Continuity, Disaster Recovery, Information Security, Digital Forensics and Risk Management. 8-10 years being in management.
Technical / Professional Knowledge
- Business continuity standard
- Digital computing (hardware components)
- Digital forensic tools and techniques
- Ethics and Fraud
- Forensic examination
- Information systems
- International Security Forum (ISF) Standards
- Nedbank policies and procedures
- Nedbank vision and strategy
- Relevant software and systems knowledge
- Relevant regulatory, compliance and risk legislation
Behavioural Competencies
- Strategic Influence
- Driving Execution
- Cultivating Networks and Partnerships
- Leading Change
- Operational Decision Making
- Digital Acumen
- Leading Virtual Teams
Please contact the Nedbank Recruiting Team at +27 860 555 566
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
