Senior Specialist Information Security
Job Ref: 282045
Job Type: Permanent
Employer Type: Recruitment Agency
Date Added: 28 Oct 2019
Expiry Date: 25 Nov 2019
* There have been 13 applications to this job.
* This job has been viewed 7703 times.
Employer: BCX 1
Location: Gauteng
Salary: Market related
Benefits:
Role details:
- Responsible for the identification, measurement, control and minimisation of loss associated with uncertain risks throughout the ICT environment.
- The development, documentation, implementation and monitoring of an Information risk management framework including policies, standards, procedures, and security architecture to ensure delivery and awareness of sound Information Security management practices company wide, including compliance with national legislation and international standards.
- Researches and stays abreast of worldwide best practice and regulations. Provides expert advice and consultancy with respect to risk management practices and concerns within IT and business architectures, applications, changes, solutions and operational processes.
- Ensuring governance around compliance to PCI DSS 3.2
Key Deliverables:
Information Security Risk Management
- Report on Enterprise Information Risk
- Research, Identify and Assess Information threats to business (new and existing)
- Project and Change Consultation and Assessment of Risk
- Information Risk assessment, rating, management, and resolution
- Represent Information Security in Governance and Business processes
- Monitor, Assess and Report on Operational Security Assurance process
Information Security Governance
- Create/Maintain/Communicate Information Security Policies and Standards
- Ensure Regulatory and Security Policy Compliance and Business Risk alignment
- Manage Policy review, update and approvals process
- Support Security Governance Forum and ISMS Processes
- Maintain Information Security Strategy ensuring Business Strategy Alignment
- Ensure Information Security Awareness of Policy and Business Risks
Information Security Architecture
- Ensure Enterprise Security Architecture aligns with business requirements and risks
- Advise and recommend Technical Security direction in support of Enterprise Security Architecture
- Define, Assess and Communicate Information Security elements within Business and IT Architecture
- Information Security input to Business cases and projects
- Ensure Information Security Architecture requirements are met within all systems and processes
PCI
- Ensure compliance to processes and procedures with PCI DSS 3.2
- Act as liaison between the PCI QSA and all technical teams
- Ensure Technical support teams collect evidence and perform tasks as per PCI DSS requirements
- Ensure adequate audit trails exist for the detection, investigation and correction of information security breaches, violations and other incidents
Qualifications (specify required qualification, duration, NQF level & desired field of study):
Relevant Degree or Diploma in IT or Information Security (NQF level 7)
Minimum Person Requirements:
Five years or more practical experience in IT or Information Security, which must include an IT, Network or Information Security role, with the last three years in an active Information Security or Information Risk management role.
Certification/ Professional Registration:
Preferred: CISM, CISSP, CISA, SABSA, PCI Qualified Security Assessor
Optional: ISO 27001 Certified ISMS Lead Implementer, CRISC, COBIT, TOGAF, ITIL
Special Requirements:
- Willing to work overtime hours.
- Valid driver's license.
- Potential travel to support business units in regions
- Ability to solve complex technical, managerial, or operational problems and evaluate options based on relevant information, resources, well-rounded experience, and knowledge
- Identifies and organises resources needed to accomplish tasks; manages time effectively; monitors performance against deadlines and milestones.
- Strong persuading and influencing ability: Gain clear agreement and commitment from others by persuading, convincing and negotiating; makes a strong personal impact on others