Information Technology Security Manager
Job Ref
268876
Job Type
Permanent
Employer Type
Company
Date Added
22 Nov 2016
Expiry Date 20 Dec 2016
* There have been 14 applications to this job.
* This job has been viewed 3824 times.
Employer:
Standard Bank
Location:
Gauteng
Salary:
Market related
Benefits:
Role details:
Work with IT partners to provide IT Security Advisory services and guidance
Develop and maintain relationships with key stakeholders to further embed the partnership that exists between IT Security, IT and the business.
Research and maintain knowledge of the IT threat landscape, security trends, regulatory requirements, new technologies and best practices in order to provide sensible and pragmatic security advice to stakeholders.
Provide ad-hoc consulting and engagement with various business units on secure, cost effective and practical control implementations across various platforms and/or systems.
Facilitate the adoption of IT Security solutions e.g. privilege user management or access management processes and services e.g. IT Security risk assessments and penetration tests.
Provide adequate IT Security input into all technology solutions; this includes the requirements for the evaluation, selection, installation, configuration and maintenance of hardware, applications and software.
Develop an effective line of business IT Security strategy that supports and enables business strategy.
Advise IT business partners on regulatory and/or legal requirements as it relates to securing of data as well as assist with the implementation of the controls to support these requirements.
Establish relevant metrics and management information to facilitate reporting and decision making.
Facilitate the reduction in the number and impact of IT Security incidents.
Act as a single point of contact for IT security risks, incidents and controls within the business units.
Identify, Assess and remediate Technology and IT Security risks
Develop an IT risk assessment schedule across the respective lines of business / business units.
Conduct reviews of applications, systems, underlying infrastructure and related processes as per the schedule.
Establish and maintain risk profiles for business units by facilitating the implementation and ongoing management of general control reviews.
Develop a cost-conscious risk treatment plan based on identified risks, vulnerabilities, audit findings, policies and regulatory requirements.
Collaborate with project management, architecture, IT, business, vendors and other stakeholders to investigate risk remediation controls.
Assist in documenting and tracking security findings into a formal risk register. Provide the necessary information to support any deviation to IT Security policies and standards.
Facilitate technical system reviews by working with the Penetration Test Team and assist business with interpretation and implementation of required controls.
Recommend the implementation of effective controls to support defined security policies and standards. Co-ordinate and track the implementation of remediation plans.
Establish relevant metrics and produce risk reports for stakeholders highlighting key risks, incidents progress and status to assist in decision making.
Participate in incident response planning and investigation of security breaches, and assist with disciplinary and legal matters associated with such breaches as necessary.
Drive appropriate Logical Access Management practices in IT
Establish, maintain and improve logical access management practices by the application of appropriate manual and/or automated processes in order to provide assurance that the right people have the right level of access to the bank's information.
Implement and validate all aspects of the access management lifecycle, as prescribed by the appropriate policies and standards.
Implement additional processes, such as Segregation of Duties, Password Safes and Audit trails, to address the risk posed by privileged IT users.
The success of these activities must translate into the reduction of logical access audit findings and security breaches of a logical access nature, by embedding logical access practices into Business processes, and by a positive trend of various metrics being used to track maturity and control failures.
Create awareness of IT Security good practices to the IT community
Develop an awareness plan for the line of business that is fit for purpose, aligned with strategy and considers a range of risk data points e.g. audit findings, risk and control self-assessments, IT Security risk assessments, emerging threats and risks, and incidents.
Create awareness to the IT Executives and broader IT community on the back of new threat and risk intelligence. Proactively create awareness on recurring risk themes.
Implement the awareness plan through various delivery mediums.
Measure the effectiveness of the awareness plan through sampling, surveys, tests, attendance registers or equivalent.
Assist with implementation of IT Security Policies, Standards and Guidelines
Participate in the development of new and the annual review of existing IT Security Policies, Standards and Guidelines by providing input to enhance the quality and completeness of these documents.
Communicate the requirements for compliance to the IT Security Policies, Standards and Guidelines to the relevant parties within IT.
Identify areas of non-compliance to IT Security Policies and Standards within IT.
Alert the responsible parties in IT where there is non-compliance to IT Security Policies and Standards and work with them to identify and recommend practical and feasible remediation plans and technical solutions.
Report on the level of compliance and progress towards achieving compliance to IT Security Policies, Standards and Guidelines to the IT business
Managing of resources/ people
Manage the Headcount & Budget for your business area/ department and ensure you remain within your allocated numbers for the year in collaboration with your Head, Finance and Human Capital Business Partner.
Participate in attracting resources through following and adhering to the recruitment practices. Through collaboration with the Resourcing Manager/Consultant and or Human Capital Business Partner build a pipeline for critical roles in your business area.
Ensures the effective selection of staff by matching the skills and competencies to the requirements of the job, by following the recruitment policies and procedures.
Ensures skills assessments and competency-based training takes place as and when required.
Collaborate with Resourcing Manager/ Consultant and plan the on-boarding process for new entrants. Arrange, allocate and provide IT equipment, desk, telephone, parking and systems access to all required systems for new entrants and transfers into your department.
Develop and cascade Performance Management goals/contracts and Development plans with all subordinates in line with Group standards and timelines.
Ensure teams goals are captured and updates on system are completed as per Group timelines.
Host one on one discussion at least monthly and two formal performance discussions per year. Communicate to all subordinates performance ratings, areas of improvement and provide recognition for areas that employee performed well in.
Follow the poor performance process when required in accordance with Group policies and timelines. Consult with Human Capital Business Partner for support with the Poor Performance or Wellness situations.
Host team meetings on a monthly or as frequently as required and communicate strategy and business communications to team.
Follow the Disciplinary & Grievance procedures and adhere to specified requirements as laid out in the policies of the bank.
Execute Talent Management practises, such as having career discussions, participating in a talent review and following through on agreed activities. Participate in Talent Management initiatives/ practises as required by Group.
Responsible for the retention of relevant skills in order to meet the business needs.
Responsible for inspiring, motivating, leading and managing the allocated team.
Develop and manage a Succession plan for your area, ensuring that the succession plans are updated on an annual basis.
Takes personal responsibility for coaching and mentoring others.
Effectively delegates authority and responsibility, in line with business objectives, to ensure the empowerment, motivation and effectiveness of all direct and indirect reports.
Promotes a culture where the values of the Bank are seen to be alive.
Ensures the implementation of the leadership competencies and employee engagement programmes (e.g. OHI).
Partner with Human Capital Partner to facilitate and co-create Occupational Health Index (OHI) planner with team. Participate in executing the OHI planner to ensure culture is enhanced.
Collaborate with Learning and Development consultant and or Human Capital business partner in creating and executing a learning and development planner for your business area.
Ensure employees utilize SABA learning system to book training.
Ensure employees execute all compliance training within the Group timeframes.
Consult with learning and development consultant on needs not listed in Standard bank Group catalogue.
Ensure all training plans agreed with employees are executed.
Prepare and participate in annual Reward practises in accordance with Group policies, guidelines and timelines.
Utilize recognition programmes in accordance with Group policies, practises, guidelines and timeframes thereby ensuring that staff are appropriately and consistently rewarded and recognised for their achievements and outputs.
Fosters the transformation of the workplace and supports business in the achievement of the undertakings in the transformation scorecard.
Action Exit process in accordance with Group policies, practises, guidelines and timeframes.
Ensure that all systems access has been revoked on the agreed timeline of the termination of contracts as well as retracting all Standard Bank equipment (including cards, keys, etc).
Manage sick leave and overtime reports and take corrective action where appropriate, alternatively collaborate with Human Capital Business Partner to assess risks and remedial action.
Action and manage the Occupational Health and Safety procedures and report incident according to Group policies, procedures and timelines.
Complete the Compensation Occupational Injury and Disease documentation in accordance with Group
Strategic Leadership
Provide leadership of the development, provisioning and successful execution of an IT Security programme for the IT business unit.
Manage the respective business unit IT Security team.
Develop a robust and fit for purpose approach to adopting IT Security best practices.
Develop a strategy for the improvement of IT Security capability maturity in line with the business IT strategy.
Contribute to the development of the IT Security Strategy by ensuring alignment to operational risk and information risk strategies and business objectives.
Translate the strategy into a specific course of action, set of goals and outcomes.
Effectively communicate with the line of business IT Executives to ensure support and commitment for the IT Security programme and prioritize security investments in line with risk appetite.
Lead and guide team members in the application of IT security expertise towards the diagnosis of security problems, evaluation of solutions and delivery of solutions.
Identify opportunities for the development of new IT Security services and controls.
Develop high-level business cases in support of new IT Security services to
Create an environment that embraces change and innovation. Drive continuous improvement and help others to accept new ideas.
Contribute towards shareholder value through courageous decision-making that supports the organisation's vision.
Requirements
Qualifications
Information Security related Certification (CISSP, CISM, CRISC, CISA)
Degree in Computer Science
Experience
Job Function: Information Technology
Job Family: IT Security
Years: 7-10 years
Experience Description: Prior industry experience in the corporate (preference Financial Institution) environment in an IT Security role.
Job Function: Information Technology
Job Family: IT Security
Years: 7-10 years
Experience Description: Experience in directly assessing and communicating Risk Exposures and developing risk mitigation plans.
Job Function: Information Technology
Job Family: IT Security
Years: 5-7 Years
Experience Description: Experience in working with international and cross functional matrix environments. Experience in engaging with a broad spectrum of stakeholders including senior executives. 3-4 Experience in managing and coaching people.