Senior Manager: Compliance and Data Protection - Cape Town, South Africa - Tych Business Solutions

Tych Business Solutions
Tych Business Solutions
Verified Company
Cape Town, South Africa

1 week ago

Thabo Mthembu

Posted by:

Thabo Mthembu

beBee Recruiter
Description

Compliance and Data Protection Management is a global position that supports the NTT business by way of protecting NTT's brand, warranting compliance to its regulatory and contractual obligations.

A critical component of this role is to ensure strategic and operational alignment to the global objectives of the Chief Security Office (CSO) and NTT Holdings.

This role is accountable for the preparation, monitoring and implementation of controls for successful completion and maintenance of various compliance programs, including ISO27001, SOC etc.

in line with the NTT Ltd Information Security Management System (ISMS), ensuring that information security is effectively managed in all services and business functions within region.


Responsibilities

  • Monitor the development, evaluation and implementation of cybersecurity controls and ensure protection of company and allied assets and information
  • Support and review customer and vendor contracts to understand and communicate compliance requirements.
  • Consultant with business and technical leadership to ensure that data, processes and technology are designed for data protection and compliance
  • Monitor investigations and documentation of cybersecurity compliance issues and incidents
  • Review information security risk findings and noncompliance with business leaders and proposes solutions to mitigate risks
  • Select, develop and evaluate a team to ensure the efficient operation of the function
  • Contribute to the Group ISMS content development, maintenance and maturity
  • Advise and report to the CSO on all ISMS operational controls, processes and compliance status
  • Implement and Monitor information security operational requirements and information security design criteria and templates
  • Review the security policy with the relevant 3rd parties ensuring that ISM service requirements are met and that integration into access management and security reporting occurs
  • Log major service requests for ISM transition and ensure that service activation, knowledge transfer and change management processes take place
  • Manage the prevention and resolution of security breaches and ensure incident and problem management processes are initiated.
  • Perform baseline security reviews and monitor operational security activities according to the policy
  • Develop, scope and discuss security service audit schedules, review access authorisation and perform the required access controls and penetration testing to identify security weaknesses
  • Document improvement in service design and ensure that the required security plan is developed and reviewed

Required Knowledge, Skills and Attributes

  • Relevant knowledge of information security management and policies
  • Sound understanding of security operational processes and controls
  • Demonstrable understanding of complex interrelationships in an overall system or process
  • Maintain uptodate knowledge of security threats, countermeasures, security tools, and network technologies
  • Relevant knowledge of technological advances within the information security arena
  • Relevant solution and service knowledge
  • Good interpersonal and consultative skills with the ability to map business needs to technology solutions
  • Ability to discuss and report technology and information security risk with nontechnology and executive business stakeholders
  • Ability to display analytical thinking and a proactive approach
  • Team player with the ability to display consistent client focus and orientation
  • Ability to develop, define and articulate ISM strategies
  • Good strategic thinking and decisionmaking abilities
  • Good interpersonal skills with the ability to develop strong business relationships
  • Ability to plan and organize, with good project management skills

Required Experience

  • Demonstrable experience gained within the Technology Information Security Industry
  • Demonstrable experience leading and coaching a team
  • Required Qualifications and Certifications
  • Relevant bachelor's degree, such as a Computer Science degree or equivalent
Security certifications - ISO27001 Lead Auditor; CISA, CRISC or equivalent
More jobs from Tych Business Solutions
See all jobs of Tych Business Solutions