Information Security Officer
This role is on an independent contractor basis.
We’re looking to expand our team with a sharp, security-minded team player who can design, implement and monitor intelligent information security solutions for our clients and strengthen our position as a preferred IT Governance & Architectural Services consultancy in Africa.
Important things to know about this role
Department: I&T Governance
AA/EE: Not Applicable
Location: Remotely; may need to travel to clients
Contract type: Independent Contractor
You will work closely with the Corporate Governance Team Lead to assist with their security compliance-related activities and responsibilities. Here’s how:
- Develop, implement and maintain Information Security Frameworks, along with policies, procedures, standards, guidelines and controls.
- Research, develop, implement, maintain and update clients’ overall security architecture, including Information Security Strategies and Information Security Programmes.
- Actively ensure appropriate administrative, physical and technical safeguards are in place to protect information assets from internal and external threats.
- Test safeguards (such as disaster recovery and emergency operating procedures) regularly, requiring you to meticulously monitor the security environment to identify and implement both testing processes and corrective actions.
- Thoroughly conduct and complete annual reviews and audits as required engaging both internal and external stakeholders.
- Continually report on the overall status of controls to the GM: IT.
- Act as the committed owner of security incident and vulnerability management processes from design to implementation, monitoring and incident reporting.
- Actively manage and assist in performing on-going security monitoring of information systems, including assessing information security risk through qualitative risk analysis on a regular basis, conducting functional and gap analyses to determine the extent to which key business areas and infrastructure comply with statutory and regulatory requirements, evaluating and recommending new information security technologies and counter-measures against threats to information or privacy, and developing security reports and dashboards.
- Design and deliver effective information security training and awareness programmes in conjunction with the internal training department.
- Diploma or Degree in Computer Science or Information Security.
- Current industry-related certifications, such as CISSP, CISSLP, GIAC or other similarly recognised security certification.
- Minimum 3+ years’ experience in information security management or another corporate governance practice.
Skills & Competencies
- Demonstrate an in-depth knowledge of Information Security risk and industry best practices.
- Excellent intrapersonal skills: integrity, trustworthiness, empathy, dealing with uncertainty, adaptable, approachable, focused.
- Excellent interpersonal skills: problem-solving, negotiation, knowledge sharing.
- Excellent verbal and written communication skills (English, other languages are advantageous).
- Excellent work ethic: energetic, proactive, get-things-done attitude and take responsibility to deliver positive results beyond expectations.
- Solid proficiency in computer literacy and Microsoft Office 2016 / Office 365.
- Customer-centric sales skills and ability to build productive, growth-focused business relationships.
- Although working remotely, the ability to travel to work and to clients (we are situated near Clearwater Mall in Johannesburg).