Specialist - IT Security Governance - Pretoria, South Africa - Professional Sourcing

Professional Sourcing

Verified Company

Pretoria, South Africa

1 week ago

Posted by:

Thabo Mthembu

beBee Recruiter

Description

Job Overview:

A highly reputable and national assurance concern located in Pretoria East requires the expertise of a
Specialist - IT Security Governance for a permanent role at the head office of the organization.

Position Overview:

The purpose of this position is
_to develop and maintain the Information Technology (IT) security governance frameworks, policies, processes and procedures_ through implementation of best practices and approved IT governance framework.

One will also
responsible for monitoring compliance to
IT security policies and their alignment with the organization's business objectives,
_ensuring that IT maintains a clean audit report_ by
_proactively monitoring IT security controls_, taking corrective action in
_respect of IT audit findings, plan and execute IT security awareness campaigns_ and work collaboratively with internal stakeholders.

This position reports to a _
_

Senior Manager:
Technology Governance, Risk and Compliance._

Key Performance areas include:

-
Strategic function - _Contribute to the development of IT security governance frameworks_**_ and strategies for the organisation_.
-
IT security governance - _Provide support to the senior leadership team on the _
_service portfolio and governance requirements

_:
-
Drive the development,
_implementation, delivery, and support_ of an
_enterprise information security strategy_ aligned to the strategic requirements of the organisation.
-
IT risk management -
_Drive vulnerability assessments__ across various architectures and platforms._
-
Drive penetration testing across various architectures and platforms.
-
Compliance management -
_Facilitate active engagement in ICT internal control meetings_ _focusing on the identification_ of e_merging and existing risks, escalation, mitigation and remediation_ to _ensure an environment of continuously improving ICT risk management and reduction of non-compliance culture._
-
Clean IT administration (resolution of IT audit findings) -
_Review IT audit reports__ and follow up with IT audit findings owners in respect of actions to close the findings._
-
Education and Awareness -
_Provide support to the IT management in awareness activities_ in respect of IT security compliance and compliance requirements.
-
Reporting - _Tracks and reports on risk management trends_**, _opportunities and remediation_ and provides monthly reports/updates to the leadership team.
-
Stakeholder Management - _Establish, build and maintain collaborative working relationships_ with relevant internal and external stakeholders.

Essential Experience, Qualifications and Skills Required:

Minimum Requirements:

-
Minimum of a Degree/diploma (NQF
7) in
_Information Technology/Information Systems or Computer Science_.
- _PLUS any of the following_ certifications:_

- CISA, CISM, CRISC or CISSP.

- COBIT/ ITIL Training.
-
_5 Years' experience in IT auditing_ or
_ICT security governance_ in a _medium to large organisation_, with
_3 years managing_
IT audit teams and _working with COBIT processes._