

Senior Specialist Information Security

Job Ref
Job Type
Employer Type
Recruitment Agency
Date Added 28 Oct 2019
Expiry Date 25 Nov 2019
* There have been 13 applications to this job.
* This job has been viewed 6090 times.


Market related


Role details:
Core Description:

- Responsible for the identification, measurement, control and minimisation of loss associated with uncertain risks throughout the ICT environment.
- The development, documentation, implementation and monitoring of an Information risk management framework including policies, standards, procedures, and security architecture to ensure delivery and awareness of sound Information Security management practices company wide, including compliance with national legislation and international standards.
- Researches and stays abreast of worldwide best practice and regulations. Provides expert advice and consultancy with respect to risk management practices and concerns within IT and business architectures, applications, changes, solutions and operational processes.
- Ensuring governance around compliance to PCI DSS 3.2
Key Deliverables:

Information Security Risk Management
- Report on Enterprise Information Risk
- Research, Identify and Assess Information threats to business (New and existing)
- Project and Change Consultation and Assessment of Risk
- Information Risk assessment, rating, management, and resolution
- Represent Information Security in Governance and Business processes
- Monitor, Assess and Report on Operational Security Assurance process

Information Security Governance
- Create/Maintain/Communicate Information Security Policies and Standards
- Ensure Regulatory and Security Policy Compliance and Business Risk alignment
- Manage Policy review, update and approvals process
- Support Security Governance Forum and ISMS Processes
- Maintain Information Security Strategy ensuring Business Strategy Alignment
- Ensure Information Security Awareness of Policy and Business Risks

Information Security Architecture
- Ensure Enterprise Security Architecture aligns with business requirements and risks
- Advise and recommend Technical Security direction in support of Enterprise Security Architecture
- Define, Assess and Communicate Information Security elements within Business and IT Architecture
- Information Security input to Business cases and projects
- Ensure Information Security Architecture requirements are met within all systems and processes
- Ensure compliance to processes and procedures with PCI DSS 3.2
- Act as liaison between the PCI QSA and all technical teams
- Ensure Technical support teams collect evidence and perform tasks as per PCI DSS requirements
- Ensure adequate audit trails exist for the detection, investigation and correction of information security breaches, violations and other incidents

Qualifications (specify required qualification, duration, NQF level & desired field of study):

Relevant Degree or Diploma in IT or Information Security (NQF level 7)

Minimum Person Requirements:

Five years or more practical experience in IT or Information Security, which must include an IT, Network or Information Security role, with the last three years in an active Information Security or Information Risk management role.

Certification/ Professional Registration:

Preferred: CISM, CISSP, CISA, SABSA, PCI Qualified Security Assessor
Optional: ISO 27001 Certified ISMS Lead Implementer, CRISC, CoBIT, TOGAF, ITIL

Special Requirements:

- Willing to work overtime hours.
- Valid driver's license.
- Potential travel to support business units in regions
- Ability to solve complex technical, managerial, or operational problems and evaluate options based on relevant information, resources, well-rounded experience, and knowledge
- Identifies and organises resources needed to accomplish tasks; manages time effectively; monitors performance against deadlines and milestones.
- Strong persuading and influencing ability: Gain clear agreement and commitment from others by persuading, convincing and negotiating; makes a strong personal impact on others