Cyber Security Risk Specialist

Cyber Security Risk Specialist

Apply locations Johannesburg Cape Town time type Full time posted on Posted 4 Days Ago job requisition id JR-63736

Let's Write Africa's Story Together!

Old Mutual is a firm believer in the African opportunity and our diverse talent reflects this.

Job Description

Position Overview:

We are seeking a proactive and detail-oriented Cyber Security Risk Specialist to join our Cyber Security team. Reporting to the Cyber Risk Lead, you will be responsible for assessing and ensuring the effectiveness of controls in our cloud environment, performing comprehensive security due diligence reviews, and conducting ongoing security posture monitoring of new and existing third-party vendors.

Key Responsibilities:

• Perform security risk assessments on the organization’s cloud infrastructure to ensure controls are in place and effective.
• Conduct third-party security due diligence reviews for new vendors and ongoing assessments for existing vendors.
• Collaborate with cross-functional teams to identify and mitigate security risks in the supply chain and cloud environment.
• Maintain and improve the third-party risk management framework, ensuring compliance with internal policies and external regulations.
• Develop and present risk assessment reports to stakeholders, providing actionable recommendations.
• Monitor the security posture of third-party vendors through continuous assessment processes and industry-standard tools.
• Support incident response activities related to third-party vendors and cloud environments.
• Keep up-to-date with emerging cyber threats, technologies, and regulatory changes affecting third-party risk management.

Key Performance Indicators (KPIs):

• Risk Assessment Completion Rate: Complete 100% of scheduled third-party and cloud risk assessments within the designated timeframes.
• Risk Mitigation Effectiveness: Achieve a reduction in identified high-risk issues by at least 80% within six months of discovery.
• Vendor Compliance Rate: Ensure at least 95% of third-party vendors meet the organization’s security requirements.
• Incident Response Timeliness: Respond to third-party and cloud-related security incidents within the defined SLA (e.g., 4 hours for critical incidents).
• Audit Readiness: Maintain 100% readiness for internal and external audits with no major findings related to third-party or cloud security controls.
• Stakeholder Satisfaction: Achieve high satisfaction scores in performance feedback surveys.

Qualifications:

• Bachelor’s degree in Cyber Security, Information Technology, or a related field.
• Relevant certifications (e.g., CISSP, CISM, CRISC, CCSK, or equivalent) are highly desirable.
• Minimum of 3-5 years of experience in cyber security risk management, with a focus on cloud environments and third-party risk.
• Understanding of cloud security frameworks (AWS) and third-party risk management processes.
• Experience with security assessment tools, cloud security monitoring solutions, and regulatory compliance standards.
• Excellent analytical, communication, and stakeholder management skills.
• Ability to work independently and collaboratively in a fast-paced environment.

Why Join Us?

• Opportunity to work with cutting-edge cloud technologies in the digital banking sector.
• Collaborative and innovative work environment.
• Competitive salary and comprehensive benefits package.
• Professional development and continuous learning opportunities.
• Be part of a team that values integrity, transparency, and excellence in cyber security.

The appointment will be made from the designated group in line with the Employment Equity Plan of Old Mutual South Africa and the specific business unit.