• Senior Manager: Information and Cybersecurity Risk Midrand
  • African Bank in Midrand, South Africa
  • 1 week ago

Job description

Purpose of the Role:

Lead and manage Information and Cybersecurity Risk oversight activities on internally and externally facing platforms. Facilitate the development of Information Risk and Cybersecurity Risk Governance artifacts.

Contribute to the development of Information and Cybersecurity Risk Plans and related work plans. Build and maintain relationships with the allocated portfolio of business units and other assurance providers. Attend and present at selected governance committee meetings.

Minimum Education and Experience:
• Bachelor’s degree in Computer Science, Information Technology or related degree
• Certified Risk and Information Systems Control (CRISC)
• Certified Governance for IT (CGIT)
• At least 7 years overall Information and Cybersecurity Risk management experience and at least 3 years in management
• Demonstrated knowledge and practical Information and Digital Risk Management experience

Role Responsibilities:

Implementation of the IT Infrastructure Risk Management Framework
• Implement the Information Risk and Cybersecurity Risk Management Frameworks and assurance and ensure adherence thereto.
• Contribute to the strategic direction of the organization’s IT/Cyber Risk and Governance program.
• Scan the macro- and microeconomic environment to identify Information risks that may impact the organization’s ability to deliver its objectives and incorporate such insights into the organization’s Risk status.
• Identify Information Risk and Cybersecurity Risk gaps through an approved tool and address quick wins in an agile, efficient and sustainable manner.
• Identify effective controls as the complexity and make recommendations to the First Line of Defense.
• Maintain the Information and Cybersecurity risk register and issue register, including tracking of risk priority to the company and issue remediation as they progress.
• Conduct Information and Cybersecurity risk assurance reviews across the enterprise to enable educated leadership decisions on IT and business strategy.
• Develop and maintain robust metrics to measure the progress of the Information and Cybersecurity Risk and Governance program and identify trends pertaining to the environment.
• Review exception requests to standard cybersecurity controls to identify resulting risk in preparation for leadership decisions.
• Develop and lead initiatives to improve the Information and Cybersecurity Risk management proposition through the identification and execution of process improvement efforts.
• Communicate and interact effectively and professionally with co-workers, management, customers, etc.
• Maintain complete confidentiality of the business and risks.
• Collaborate with IT, business and other internal stakeholders to ensure continuous monitoring and assurance is conducted in a relevant, timely and cost-effective manner.
• Collate independent assurance reporting on the robustness of Information and Cybersecurity Risk and present to senior and executive management.
• Advise and guide the business leadership, ensuring that cybersecurity decisions are made in alignment with the overall risk management and IT frameworks of the Bank and are compliant with both local and international financial regulations to safeguard the Bank from any potential financial and reputational risk.

Enterprise Risk Assessor (ERA) maintenance and support
• Develop and maintain ERA to facilitate effective risk management and reporting throughout the Group.
• Provide continuous ERA support to all business units.
• Liaise with the ERA provider to facilitate the use of the latest version and appropriate co-operation.

Monitor Operational Losses related to Information and Cybersecurity Risk and Reporting/feedback
• Monitor operational losses related to Information and Cybersecurity Risk by analyzing trends and communicating these throughout the bank.
• Advise direct manager and provide clarity on the successful capturing and reporting of operational risk losses.
• Incorporate actual loss experience into the assessment of risks by management.
• Analyze and report on loss trends, advise appropriate corrective action and report for submission to and approval by direct manager.
• Implement corrective action to facilitate that future losses are prevented.

Client Relationship Management
• Create and maintain productive relationships with internal clients through providing advice and conducting client visits.
• Assist the client to understand the ‘real’ versus ‘perceived’ (substance over form) need through the application of risk strategy, leadership, experience and expertise.
• Keep the client informed about progress on the real need through written communication, telephone communications and interpersonal meetings.
• Provide input to facilitate the required assurance to the operational risk function on regulatory requirements per assignment.

Special Projects
• Project Planning and Time management.
• Scheduling / Conducting and attending relevant meetings.
• Regular update and reporting.
• Achieving set milestones and deadlines.

People Management
• Provide vision and big picture thinking in the context of IT Risk and Governance leadership.
• Establish and maintain high performance teams that are innovative and strategic.
• Ensure employees align to the Bank’s strategy, follow approved bank policies and comply with relevant regulations.
• Promote and live the Bank’s values and principles.