IT Security Governance and Compliance Specialist
Industry: Finance / Job Expires: 2022-04-08 13:02:08 / Location: Gauteng
Develop, enhance and implement enterprise-wide security policies, procedures and standards to meet compliance responsibilities. Define security configuration and operations standards for security systems and applications, including network security appliances and host-based security systems. Ensure that identified or suspected violations of policies and standards, or compromises of sensitive information assets, are reported in line with established governance. Define, recommend and manage security controls for information systems. Identify security risks and manage them to resolution. Work with other stakeholders on best practice to ensure a coordinated approach and ongoing compliance with Data Protection/POPIA from the design stage. Ensure privacy and security of data and segregation of duties in maintaining confidentiality, availability and integrity of information. Monitor and promote awareness of emerging cyber security threats. Facilitate continuous improvement of security maturity across the organization.
- Bachelor’s Degree in Computer Science, Information Technology, Computer Auditing or Internal Auditing
- CISA, CISSP, CISM, CRISC or equivalent security professional qualification preferable
- 5+ years of experience working in a professional information security role.
- Broad information security knowledge across several security domains.
- Experience in developing the appropriate information security governance and compliance measures.
- Experience in managing and developing baseline information security configurations, and experience with common industry information security standards and guidelines (such as CIS Controls).
- Experience of identifying risks and developing and implementing policies, procedures and processes.
- Experience of process development and process improvement.
- Knowledge and experience with various Information Security governance and control frameworks (NIST, ISO27001/2, PCI-DSS, CIS Controls).
- Knowledge of security architecture, network security, access control and user access management, encryption, application security, platform security and database security.
- Demonstrable experience in developing and maintaining security management capabilities.
- Experience working with SIEM tools (McAfee ESM) and the ability to identify tuning recommendations for improved detection and accuracy.
- Knowledge of and experience in developing and documenting security processes and plans.
- Thorough understanding of many information security standards and frameworks.
- Security Governance
- Security Compliance Management
- Security Management
- Project Management
- Treating Customers Fairly and Compliance
To apply please send us your detailed CV and certificates to firstname.lastname@example.org or email@example.com or firstname.lastname@example.org.
If we have not contacted you within 21 months, please consider your application unsuccessful.