Overview
Officer, Information Security Jobs in Johannesburg, Gauteng, South Africa at Standard Bank Group
Title: Officer, Information Security
Company: Standard Bank Group
Location: Johannesburg, Gauteng, South Africa
Company DescriptionStandard Bank Group is a leading Africa-focused financial services group, and an innovative player on the global stage, that offers a variety of career-enhancing opportunities – plus the chance to work alongside some of the sector’s most talented, motivated professionals. Our clients range from individuals, to businesses of all sizes, high net worth families and large multinational corporates and institutions. We’re passionate about creating growth in Africa. Bringing true, meaningful value to our clients and the communities we serve and creating a real sense of purpose for you.
Job DescriptionTo implement the Group Cyber Resilience strategy securing platforms ecosystems 3rd party integration protecting sensitive data, applications and supporting infrastructure from infiltration or misuse guiding security capabilities in client segment and solutions. Facilitate security services ensuring that policies, standards and controls are embedded to prevent reputational, financial or other losses and compliance with regulatory requirements. Educate employees about their InfoSec responsibilities
Qualifications
A degree in Business Commerce, Information Technology, Risk Management.
Experience:
5-7 years experience in an information security or Audit role within the banking and /or financial services sector. Experience working in a multi-vendor and outsourced and multi-system IT environment.
5-7 years Good working knowledge and experience with the implementation and management of information security policies and frameworks within a corporate environment. Management experience working with individuals and teams from diverse cultures.
5-7 years Strong IT understanding, gaining insight into digital and platform operating models and cyber security trends and solutions
Additional Information
Key Responsibilities:
Alert the responsible stakeholders where there is non-compliance to Cyber Resilience Policies and Standards, and work with them to identify and recommend practical and feasible remediation plans and technical solutions Assess information security maturity scores and guide the implementation thereof for continual awareness and prioritisation efforts and ensure compliance to information security standards is monitored.
Collaborate with feature teams, product owners, architecture, IT, business, vendors and other stakeholders to investigate risk remediation controls Collaborate with threat intelligence, cybersecurity, security engineering and other risk functions to develop and maintain a holistic information security strategy and remediation plans
Communicate and raise awareness regarding policies in the business, technology and risk communities. Conduct information security assessments and provide specialist advice and guidance on critical third parties / material outsource arrangements in client segments and solutions to ensure information security risks are identified and appropriately mitigated
Create awareness of security trends and threats to the technology and operations executives and broader stakeholder group on the back of new threat and risk intelligence. Proactively create awareness on recurring risk themes Develop a cost-conscious risk treatment plan based on identified risks, threats, vulnerabilities, audit findings, policies and regulatory requirements.
Develop a security assessment schedule and conduct reviews of applications, systems, underlying infrastructure and related processes as per …
