Purpose of the Position:Develop and implement IS and Tech GRC strategy and, manage the end to end governance, risk and compliance function in relation to info sec and provide reports to the CISO and the relevant steering committees.QualificationsUniversity degree in information technology, engineeringProfessional certifications such as Certified Public Accountant (CPA), Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP) and / or Certified Fraud Examiner (CFE) are highly encouraged to apply.ExperienceAt least 5 years of relevant consulting or industry experience, preferably in a professional services environmentAt least 2+ years in managerial roleDuties:Assist the CISO to establish an information security (IS) and tech gov strategy and proactively identify cyber-security threatsImplement the information security and tech governance strategy for the group under the guidance of the CISODevelop all information security governance models with supporting documents e.g. policies, processes, standards and guidelines with guidance from the CISOConsult with relevant stakeholders across the group on development, implementation and enforcement on all aspects of IS governance (policies, standards etc)Manage the end to end governance, risk and compliance in relation to info sec and provide reports to the CISO and the relevant steering committeesEnsure that information security is aligned with COBIT framework and implemented according to agreed maturity levelsEstablish an information security risk management strategy and process to report on info sec risks e.g risk acceptance. Regular reporting to the CISO in this regardDevelop threat models for all critical technologies (application and supporting infrastructure)Support the CISO with info security input into the info Security plansDevelop business cases to secure the budget for improvements in the cyber-security maturityManage internal ISMS programme and COBIT implementation project and ensure delivery on time and within budgetKeep abreast of emerging technology trends and the implications on information security#J-18808-Ljbffr