Job title: Information Security Management Systems Lead
Employment type: Full Time
Experience: 6 to 8 years
Salary: R400000 to R789000
Job published: 27 July 2020
Job reference no: 1296128144

Job Description

• A minimum of B Degree in Computer Science/ Information Technology/ Computer Systems Engineering/ Information Systems OR related field.
• CISM, CISA, ISO 27001 Lead Implementor, Lead Auditor,
• A minimum of 6-8 years of experience in Information Security or related ICT environment and Professional Certification in Information Security.
• Professional experience in running the Governance, Risk and Compliance office applying frameworks to manage, measure and report risks.
• A good understanding of security and privacy regulations such as RICA, POPI, ECT Act, and corporate security policies and procedures.
• Strong understanding of security and auditing standards such as ISO 27001:2013
• Knowledge of various information security domains
• Practical experience of ISMS implementation
• Implement, maintain, monitor and ensure the effective operation of the Information Security Management System (ISMS) following guidelines from the ISO/IEC 27001:2013 standard for the PIC.
• Define and implement key processes and functions required to enable the ISMS in PIC.
• Conduct interviews with relevant responsible and accountable personnel and scrutinise the relevant documentation to ensure that ISMS requirements are met.
Internal Use Only
• Conduct the information security risk assessments and ensure that the risk remediation plans tie in with the controls design and implementation of ISMS.
• Manage and coordinate the risk register, risk exceptions, metrics, reporting and the management of identified information security risk, remediation actions plans from all sources.
• Assist with preparation of information security documentation and executive level reports (e.g. Board, Audit, and Risk Committees).
• Assess and mitigate third party vendor, and information security compliance risks from current and changing business practices, systems, policies, regulations, and laws to ensure secure information handling and exchange processes.
Key Competencies:
• Planning and organising
• Complex problem solving
• Analytical skills
• Inductive and deductive reasoning
• Thinking creatively
• Judgement and decision making
• Confidentiality