Closing Date - 15 November 2024Please Note: Preference will be given to applicants from Underrepresented GroupsJob FamilyRisk, Audit and ComplianceInformation Security RiskManage Self: Leading ExpertJob PurposeProvide leading expertise and guidance to ensure the security of Nedbank Groups Information Assets. The Group Executive, via the Group Chief Risk Officer, designates the Chief Information Security Officer (CISO), as an independent second line role, to be responsible and accountable overall for the Cyber Resilience Risk Management within the Group.Job ResponsibilitiesDeliver and meet the strategic financial objectives by managing the budget for the Cluster in line with agreed principles.Responsible for providing oversight and promoting cyber resilience across the Group.Develop and maintain cyber resilience strategy in collaboration with business and Group Technology (GT).Responsible for the digitisation of cyber resilience risk management.Co-ordinate cyber resilience across Nedbank.Provide expert advice on all aspects of cyber resilience, including providing input to specialised cyber business initiatives.Act as subject matter expert for the Cyber Resilience Scenario.Create and manage the Group's Cyber Resilience Programme.Monitor the effectiveness of cyber resilience arrangements and report to the Group Executive Committee and Board.Provide oversight in the investigation of cybersecurity incidents.Responsible for cybersecurity awareness programme.Develop and co-ordinate Group wide cyber risk assessments.Co-ordinate compliance efforts to cyber related regulatory programmes.Meet business objectives by influencing Information Technology (IT) delivery.Responsible to lead operational risk activities and takes greater responsibility for risk and governance.Manage material incidents and crises by leading the Cyber Crisis Management Team.Influence and set the tone for Cyber Security across the Group.Manage cyber co-ordinated assurance.Act as the Chair of the Cyber Crisis Management Team, and responsible for developing and maintaining of the Playbooks.Be a thought leader on Information Technology (IT) matters across industries.Ensure the delivery of key IT projects.Ensure that relevant IT policies are in place to mitigate people risk.Meet compliance requirements by ensuring that the constructs of risk, governance and compliance are adequately addressed.Has sufficient authority, independence, resources and access to the Board - Group Risk and Capital Management Committee (GRCMC), Group IT Committee (GITCo) and Group Audit Committee (GAC).Provide an effective challenge that questions existing cyber resilience processes and information, while conducting specific testing of procedures and processes, consistent with the unique aspects of the Group's CRRMF and risk profile.Essential Qualifications - NQF LevelProfessional Qualifications/Honour's DegreePreferred QualificationComputer Science and/or CommercePreferred CertificationsCertified Information Security Manager (CISM); Certified Information Systems Security Professional (CISSP). Preferred: Certified Risk & Information Systems Control (CRISC) Certified Information Systems Auditor (CISA)Minimum Experience Level11 years experience in banking and an IT environment covering Business Continuity, Disaster Recovery, Information Security, Digital Forensics and Risk Management. 8-10 years being in management.Technical / Professional KnowledgeBusiness continuity standardDigital computing (hardware components)Digital forensic tools and techniquesEthics and FraudForensic examinationInformation systemsInternational Security Forum (ISF) StandardsNedbank policies and proceduresNedbank vision and strategyRelevant software and systems knowledgeRelevant regulatory, compliance and risk legislationStrategic InfluenceDriving ExecutionCultivating Networks and PartnershipsLeading ChangeOperational Decision MakingDigital AcumenLeading Virtual Teams
#J-18808-Ljbffr