Executive: IT Governance & Security
PNet (Pty) Ltd
Gauteng
4d ago

DescriptionRole Description : Define, develop and integrate the strategic plan for information technology security and information assurance, including security architecture.

ï?· Consult with chiefs and executives on the implication of any strategic and tactical information security risks in order to ensure effective information security and to minimize risk.

ï?· Establish and update the information technology security policy which includes information assurance and information compliance as well as the code of ethics incorporating all new legislation and industry standards.

ï?· Design information technology security monitoring documentation, response plans, as well as the documentation content.

ï?· Develop and implement the Information Technology Compliance control framework.ï?· Design and maintain the Information technology Compliance policy and procedures.

ï?· Formulate audit strategy to measure the companyâ??s Information Compliance status.ï?· Identify protection goals, objectives and metrics consistent with the corporate strategic plan.

ï?· Define and execute of planning and implementation for all tools / hardware and software for information technology security.

ï?· Remain up to date and ensure compliance with all legislative requirements in respect of information security and compliance, ensuring company alignment : o Maintain, implement structures and plans and assist with the governance of RICA and POPI InformationCompliance (both local and international compliance).

o Maintain systems and processes to ensure compliance with PASA and PCI DSS (electronic payments) within the organisation.

o Liaise with Legislative authorities and governing bodies.o Keep abreast of any legislative changes at all times, and update, amend / implement policies and procedures accordinglyï?

  • Provide expert guidance to the business on all Information Compliance legislative requirements.ï?· Develop Information Security Risk Management Plans and liaise with Business Continuity Management to maintain an effective BCM information security plans.
  • ï?· Detect and mitigate risk timeously.ï?· Communicate the risk of non-Information Compliance and conduct high level presentations to create awareness and to inform the business of legislative requirements.

    ï?· Schedule audit projects with the scope of overall company risk mitigation to ensure information security compliance and liaise and coordinate with Internal Audit in this regard.

    Monitor all controls in order to provide regulatory risk assuranceï?· Facilitate the translation of the Information Security and Compliance strategy into functional business plans on an annual basis to the companyâ?

  • s business units.ï?· Oversee, organize and conduct all investigations into company Information Compliance activities to mitigate riskï?
  • Investigate and track the companyâ??s Information Compliance statusï?· Review all non-Information Compliance issues and provide resolution.
  • ï?· Report on all non-Information Compliance and risk issues.ï?· Investigate and identify Information Compliance risks and control management initiatives.

    ï?· Liaise with external legal authorities, vendors, auditors and other relevant Information Compliance entities.ï?· Respond to incidents and establish appropriate standards and controls, manage security technologies and direct the establishment and implementation of policies and procedures.

    Liaise with business to develop and implement cyber incident response plans.ï?· Manage identity and access management within the organisationâ?

  • s electronic information systems.ï?· Manage and advise on electronic data loss prevention and data protection within the organisation.
  • ï?· Collate and prepare Information Compliance reports.ï?· Compile risk impact analysis and reportsï?· Prepare and / or present Information Compliance reports for the Risk committee and / or board members, nationally and internationallyï?

  • Strictly apply and adhere to Cell C Health and Safety procedures and rules.Skills and Experience : QualificationsMinimum requirements -
  • Post graduate degreeHons Degree in technology or equivalent degree i.e. BSc / B. TechMasterâ??s degree in an information systems related discipline â?

  • advantageousRequired CertificationCISSP or other security certification / accreditation (in good standing).Advantageous CertificationsISACA (formerly Information Systems Audit and Control Association) membership is preferred.
  • ISSA (Information Systems Security Association) membership is preferred.CISA or CISM certifications through internationally accredited organisations are beneficialExperience10 years driving the Information Technology Security and / or Compliance function in a dynamic, high growth corporate, ideally in the telecommunications industry.

    In addition 3-6 yearsâ?? experience on a senior level as information security officer within a large corporate environment.

    Progressive leadership experience in computing and information security, including experience with internet technology and security issues.

    Proven track record for developing and implementing successful policies and assurance capabilities within a telecoms industry environmentSound knowledge of regulatory Information Compliance (e.

    g. South Africa POPI Act)Experience in auditing, risk management and legal contracts.Experience at executive level within a large companyProfileSee Job Description

    Apply
    Add to favorites
    Remove from favorites
    Apply
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Continue
    Application form