Cyber Security Grc Specialist

Details of the offer

.M-Pesa is a pioneering fintech business and global market leader in mobile money.
Starting from 2007 as a convenient means by which the unbanked and underbanked could make digital payments, M-Pesa has now grown to offer over 60 million active customers Financial Services, Enterprise, Merchant and Retail solutions.
We are proud of our work in enabling the digital economy in our markets, and in driving financial inclusion.M-Pesa Africa is the largest FinTech providing services to more than 60 million customers and 5 million businesses solutions across Financial Services, Enterprise, Merchant and Retail.
We are now well on our way to becoming the preferred digital payment method across the markets that we serve, for both in-store, remote and online payments.
With headquarters in both Nairobi and Johannesburg, we serve markets that include Kenya, Tanzania, DRC, Lesotho, Ghana, Egypt, Ethiopia, and Mozambique.We are a united, energetic and passionate team.
A place where leaders coach, teams connect, and everyone is empowered to go further, faster.
A place where heroes become superheroes; through growth, opportunity, and the chance to work with the best minds in FinTech.Role Purpose:Reporting to Manager – Cybersecurity - GRC, as the Cyber Security GRC Specialist, the successful candidate will be responsible for ensuring that the organization's Cyber Security risks are under explicit management control and as well coordinate strategic integration of Cyber Security programs within M-Pesa Africa.
They will be part of the team that drives compliance to internal and global cyber security related policies and standards, Vodafone Cyber Health & Adaptive Risk Method (CHARM)controls and applicable Kenyan laws and regulations.
Your responsibilities will include:Continually reviewing and updating security policies, standards, and guidelines in response to the ever-changing cyber threats in coordination with the Risk Management team.Monitoring and driving compliance to internal and global cyber security related policies and standards, Vodafone Cyber Health & Adaptive Risk Method controls and applicable Kenyan laws and regulations.Coordinating stakeholders to deliver on targets or agreed business outcomes.Coordinating periodic independent assurance of critical products and services.Coordinating implementation of recommendations from independent assessments.Conducting Cyber Risk Assessments to determine cyber risk profile and define treatment plans.Recommending Cyber Security services improvement plans.Coordinating projects handover process within the cyber security functions.Continually reviewing, implementing and proposing improvements of the user access governance process.Coordinating periodic cyber security knowledge transfer, awareness sessions and phishing simulations to staff in line with strategy.Participating actively in cyber security events and trade shows, reporting and presentations..Experience with the Vodafone Cyber Health & Adaptive Risk Method (CHARM) Program is mandatory.Below are the details for the CHARM Activities:Drive maturity and compliance of the Vodafone Cyber Health & Adaptive Risk Method (CHARM) Program to 100% effective and beyond.Evaluate and carry out CHARM gap assessments across all relevant MPESA Africa business processesDefining and Monitoring CHARM risks & gaps treatment plans Utilising data driven results using KRIs to assess the controls are operating as intendedEnsure new products and implementations are CHARM Compliant before Go LiveConducting deep dive control reviews and providing follow up remediation supportContinually review and keep track changes in CHARM requirements Facilitate a close working relationship with Vodafone CHARM QA team Facilitate workshops and meetings with MPA process owners for CHARM controls awareness, implementations and evidence collectionLead in planning and prioritization of CHARM Evidence collection and submission to the CHARM QA teamPreparation and documentation of quality CHARM evidence work papersSupporting any CHARM external assessments within MPA.Impact on the businessAn inception report with a project management plan at the commencement of the consultancy with the following componentsProcedures and processes for executing the tasksUnderstanding of the objectives, scope and deliverablesMethodologies, CHARM gaps & risks management plan, compliance plan, communication and planning planCHARM compliance gap analysis.
Deliverables are A report with gaps arising out of CHARM non-complianceDocumented and signed off CHARM gaps & risks treatment planCSB Controls requirements awareness to process ownersDrive compliance to CHARM 100%.
Deliverables are: -Document quality CHARM evidence work papersSubmit evidence and validate to an effective score for the conforming and gaps free CHARM controls.The ideal candidate for this role will have:QualificationsAt least one professional Information Security Qualification: CISSP/CISM/CISAAdvanced competencies in Network Security: CCNP or CCIE (Security)Advanced competencies in Microsoft, Linux or Unix Operating Systems administrationAdvance competencies experience in Information Security TechnologiesSkills and ExperienceExperience with the Vodafone Cyber Health & Adaptive Risk Method (CHARM) Program is mandatory.Minimum of 3 years Information Security Governance and Compliance Frameworks.Experience in design, delivery and support of Information Security solutions to customers will be and added advantage.Good communication skills and team player.Experience in the use of security tools.Project management skills, and proven task execution (getting things done).
Superior Report writing skills.Analytical Thinking.Closing date for Applications: 04 December 2024.The base location for this role is, Vodacom Techno Centre, Cape Town.
The Companys approved Employment Equity Plan and Targets will be considered as part of the recruitment process.
As an Equal Opportunities employer, we actively encourage and welcome people with various disabilities to apply.Vodacom is committed to an organisational culture that recognises, appreciates and values diversity & inclusion.


Nominal Salary: To be agreed

Requirements

Software Test Analyst

Purpose Statement To enable software quality assurance by creating a set of activities and scenarios, manual or automated, ensuring that developed software m...


Capitec Bank - Western Cape

Published a month ago

Java Developer

As an Intermediate Software Engineer, your thorough expertise of the Java stack will be critical in moving our projects ahead. You will use frameworks like S...


Iapl - Western Cape

Published a month ago

Senior Devops Engineer

At impact.com we are passionate about our people, our technology, and are obsessed with customer success. Working together enables us to grow rapidly, win, a...


Impact - Western Cape

Published a month ago

Software Engineer (Machine Learning)

We are looking for a Data Scientist to join our Tech Team based in Cape Town. About Aerobotics Our mission is to provide intelligent tools to feed the world....


Aerobotics - Western Cape

Published a month ago

Built at: 2024-11-21T16:41:49.044Z