This role is a key contributor to IT Strategy and will be responsible for monitoring and evaluating the ICT standards and compliance being used in the ICT department and focusing on improving current business practices and processes in line with the entity's objectives with a special focus on cybersecurity.
RESPONSIBILITIES:
Key Performance Area: ICT policy framework and management
Develop and maintain ICT policies/standards/guidelines designed to establish controls to address risks, and operate ICT effectively and efficientlyMonitor external standards and risk/control trends to determine if internal ICT practices are contemporary with industry, regulatory and/or business expectations.Create any required templates and standards to be adopted by ICTDevelop and implement information security policies, standards, and proceduresKeep the CapeNature policy taxonomy updated and ensure AGSA review requirements are met.Key Performance Area: ICT risk management and mitigation
Facilitating risk assessments, maintaining the risk register and risk reporting.Coordinate communications related to ICT Governance, Risks, and Controls.Collaborate with ICT Manager in reporting on ICT to the ICT Steering committee as well as any other identified Committees.Design framework and define document structure for the disaster recovery plan documentation.Key Performance Area: ICT Compliance and Auditing
Ensure ICT management and staff are aware of responsibilities related to internal and external ICT audits, audit observations/deficiencies responses, and corrective action ownership.Plan and coordinate any required ICT governance training.Participate in any project-related work to address technologies compliance as mandatedIdentify gaps in the effectiveness of the implemented ICT controlsPerform regular reviews to ensure that vendors follow governance framework and SLA deliverables are being adhered toRegular reviews on systems and user access.
Key Performance Area: Project governance
Responsible for the governance of ICT related projectsResponsible for project gate reviews and influencing go-no-go decisions.Key Performance Area: Incident Response and Management
Continue to develop and maintain an incident response plan and the supporting processes and playbooksEnsure that legal and regulatory requirements are met should any incidents occurLead the response to security incidents, including investigation, containment, eradication, and recovery MINIMUM REQUIREMENTS: Qualifications and Experience Bachelor's Degree or NQF level 7 diploma in Computer Science/Information Technology or AuditingCOBIT foundations certificate or CISA certificationOther ISACA qualifications will be an advantage e.g. CGEIT, CISM, CRISC,COBIT5 years' experience in ICT Governance, risk and compliance or auditing of ICT environmentsExperience and working knowledge of industry frameworks (ISO 27001/2 and ISO9000, ITIL etc.)Competencies Customer service orientationStrong communication skillsPrioritisation and time managementAbility to work under pressure and meet deadlinesStrong ability to pay attention to detail and be analyticalGood problem-solving skillsGood project planning and organizing skillsComputer literacy plus advanced proficiency in MsOfficeContinual improvement mindset
Closing date 11 June 2024
#J-18808-Ljbffr
