• Login Name       Password       Remember me       LOGIN LOGIN    FORGOT PASSWORD


IM Manager - IT Security, Riskand Compliance

Job Ref
Job Type
Employer Type
Recruitment Agency
Date Added 12 Mar 2018
Expiry Date 26 Apr 2018
* There have been 2 applications to this job.
* This job has been viewed 1539 times.

South Africa



Role details:
One of our topclient based in Vereeniging is seeking to employ an IM Manager - IT Security, Risk and Compliance ona contract basis. possibly to extend and to convert to permanent employment.
- - - - - - - - - - - - - -

The Manager, IT Security, Riskand Compliance is a leadership role responsible for developing, planning and managing anenterprise-wide information security and risk management strategy across theorganization.

The role is to provide vision and leadership for developing and supportingsecurity initiatives; direct the planning and implementation of enterprise IT security systems andaccess, data- and cyber security, business operation, and defenses against security breaches andvulnerability issues; and auditing of existing systems, while directing the administration ofsecurity policies, activities, and standards.

The Manager, IT Security, Risk and Compliance isfurther responsible for proactive planning, trend analysis and reporting as well as communicationwith senior management related to risks and trends. This position collaborates with seniormanagement to continuously improve existing controls and develop effective security and compliancepractices in Enterprise Technology.
Qualifications and Experiencerequirements:
Applicable B-Degree or an equivalent NQF 7qualification.

Security Certifications, including: CEH, CISA, CISSP, CISM, CRISC

COBIT and/orITIL Certification will be beneficial

At least 7 years relevantInformation Management (IM) experience.

Proven experience in planning, organising, anddeveloping IT security system technologies

Experience in planning and executing securitypolicies and standards development

Project management experience.


CAPEX and OPEX budget control.

Stake Holder and Vendor Management

People managementexperience.

Information Technology General Controls (ITGC) and Sarbanes Oxley testingexperience

Experience in IM Security and Risk Management.

Experience in Disaster RecoveryPlanning and implementation.

Proven experience in audit of legislative and/orregulatory compliance.
Knowledge and behaviour requirements:

Information Security,policies, procedures and standards, physical security and network security.

Network, databases,systems and/or Web operations.

Knowledge / application of COBIT(ITGovernance)

Knowledge in ITIL (IT service management) and or

Knowledge in BS25999 / ISO 22301(IT Business continuity management)

ISO 31000 / 31010 – Risk Management


Basic understanding of King III

Regulatory Compliance frameworks.

Relevant Securityand Privacy frameworks e.g ISO27001/2

Business value andService orientated

Negotiation and persuasive skills

Stakeholder involvement andnetworking skills

Self-motivated and perseverance
5. Strategic thinking
Key performanceareas and outputs:

Ensure COMPANY-wide combination of disciplines foreffective company security in the IM, risk and compliance areas.

Alignment with Group and Industrybenchmarking.

Responsible for developing, planning and managing and enterprise-wide informationsecurity and risk management strategy.

Provide vision and leadership for developing andsupporting security initiatives; direct the planning and implementation of enterprise IT securitysystems and access, data- and cyber security, business operation, and defences against securitybreaches and vulnerability issues; and auditing existing systems, while directing the administrationof security policies, activities, and standards.

Proactive planning, trend analysis and reporting aswell as communication with senior management related to IT risks and trends.

Implement a unified IMgovernance, risk management and compliance approach.

Manage all associated activitiescoherently which will create efficiencies and provide a holistic view of the IMenvironment.

Responsible for the responsibility and accountability matrix to ensureappropriate levels of accountable are assigned throughout the business.

Collaboration withsenior management to continuously improve existing controls and develop effective security andcompliance practices in Enterprise Technology.

Create and communicate strategies for riskmitigation.

Track and measure the enterprise’s risk posture.

Liaise between internaland external audit teams.

Schedule and launch periodic auditreviews.

Plan and oversee risk mitigation and remediation projects.

Coordinate Sarbanes Oxley testingacross all Business units for Information Management.

Develop and train team membersand the transfer of knowledge gained through experience.

Develop and deliver riskawareness training for key staff and stakeholders.