Key Accountabilities & Interfaces
- Ensure appropriate administrative, physical and technical safeguards are in place to protect the organisation's information assets from internal and external threats.
- Ensure compliance with the organisation's Information Security and ICT governance framework, including maintaining related policies, standards, procedures and guidelines.
- Conduct cybersecurity vulnerability scans and risk assessments on a regular
- Assist with investigations and coordinating the resolution of security
- Assist with cybersecurity and ICT governance related audits and third-party penetration
- Respond to internal and external audit findings related to cybersecurity and ICT
- Conduct functional and gap analyses to determine the extent to which key business areas and infrastructure comply with statutory and regulatory requirements.
- Evaluate and recommend new information security technologies and countermeasures against threats to information or privacy, and develop security reports and dashboards.
- Ensure effective staff training programs are in place to increase security awareness across the organisation.
- Level of compliance of ICT to best practice and standards (e.g. ISO 27001, ISO 38500, COBIT, CGICTPF, etc.)
- % related audit findings resolved
- % threats and vulnerabilities circumvented
- Effectiveness of awareness programs
- Bachelor's degree or equivalent in Information Technology or related field
- Experience and knowledge of Information Security and ICT Governance
- Related certification (CISM, CISA, CEH, or CISSP)
- Exposure to Cyber Risk (ISO 27001/2) and Governance (ISO 38500, COBIT) frameworks
- Strong technical background and knowledge desired