The main purpose of this role will be to support delivery of the Cyber Security program. The analyst will play a critical role in supporting the Risk aspects of information security within Allan Gray to enable the IT team-embedded security analysis and business enablement, and to drive security risk management. This role looks to streamline and manage the risk portion of the security processes in order to support the program. The role requires some technical understanding and a passion for proactive risk and security management.
Job Responsibilities
- Be responsible for proactively updating, maintaining, and improving the Information Security Risk Register
- Work closely with the various Allan Gray IT Teams to co-ordinate and drive to resolution the various Information Security Risk Management activities
- Conduct assurance activities to ensure that information security controls are in place, appropriate and effective
- Help monitor compliance to policies and standards within the security team.
- Help to report on Information Security risks within relevant meetings
- Conduct Cyber Security maturity assessments on in place Information Security controls.
- Coordinate the above activities within the broader security team.
- Think outside the box to envision Information Security risks that may be unnoticeable.
- A strong knowledge of Information Security controls and best practises
- Strong verbal and written English communication skills including report writing
- Be able to work independently as well as in a team.
- Excellent stakeholder management
- The ability to say yes, but and guide teams towards solutions that apply the right level of risk, governance, and security
- Industry recognised certification (s) relevant to information security and risk management (CISA, CISM, CRISC or CISSP).
- Knowledge of Cloud Security
- Grade 12 and relevant degree/diploma (3 years)
- At least 3 years of Information Security as well as risk management experience.