Information and Cyber Security Risk Manager

Job Summary

To plan, manage and monitor the implementation of risk activities and processes in order to deliver on approved operational plans in an effective and efficient manner.

Job Description

• To provide second line oversight and challenge on information security, technology risk and cyber security to the first line teams.
• Ensure adherence to all relevant regulatory and compliance requirements for the area
• To provide advice and support in practice formulation and associated best practice improvement tactics; enabling the provision of specialist information technology security expertise.
• Use knowledge of cyber security practices such as penetration testing, configuration management, network management, patch management, vulnerability management, cyber incident response, identity and access management, cloud security and encryption to conduct reviews using the risk function’s methodology.
• Develop and maintain relationships with accountable stakeholder management within the bank. The Information and Cyber Security Risk Manager should be able to present effectively at stakeholder meetings and forums (e.g.: Risk and Governance Forums) by sharing knowledge and information, including methodology, standards, changes and new developments, with business stakeholders on an ongoing basis.
• Use business knowledge, and outcomes of assurance work and continuous monitoring to assess evolving risks and the control environment of the bank. The Information and Cyber Security Risk Manager will be required to write high quality reports for presentation at Risk and Governance forums.
• Drive advancement and development in the analytics and robotics automation space through defined strategic initiatives. This will include finding efficient means of performing audit procedures.
• Improve technical knowledge through self-learning or training including mandatory Continuous Professional Education requirements.

Role Specific:

• Information security, information technology and cybersecurity experience of qualifications
• Analytical skills and an eye for detail
• Significant social skills and initiative to deal with the variety of people and situations.
• High degree of keyboard skills, accuracy and speed.
• Relationship management at multiple levels of seniority
• Numerical skills
• Interviewing and recruitment skills
• Listening and questioning skills
• Project management and training skills
• Planning and organisational skills
• Ability to understand broader business issues
• Communication and presentation skills
• Persuading and influencing
• Clear and concise writing and reporting

Person Specific:

• Excellent leadership skills
• Basic understanding of the nature and dynamics of the banking industry
• Negotiation skills
• Good interpersonal skills
• Planning and organising skills
• Resilience and flexibility
• Quality/excellence mindset
• Able to work without supervision
• Personal organization and thoroughness
• Quality conscious initiative and integrity
• Managing relationships
• Results focused

Education

Bachelor`s Degree

Added Advantage: Advanced Diploma or Diploma in relevant professional qualification (IT, Information Security, technology risk etc)

Experience:

• Minimum 5 years work experience.
• Awareness of cultural differences and varying legal/regulatory environments.

Knowledge & Skills:

Essential

• Detailed working knowledge of people, policies and procedures.
• Knowledge of financial and non-financial management information analysis techniques
• Formal qualification or accreditation in the technology, cyber security or information technology/security field, either degree or diploma level.

Preferred

• In-depth understanding of Absa Group and the Absa Africa strategy, operating structure and interfaces with other functions in ambiguous/dynamic environment
• An understanding of the external economic, political, legal and regulatory environment and its internal impacts in the regional and country

Competencies:

• Business management
• Risk Management
• Communication/Influencing skills
• Stakeholder/customer relationship management
• Leadership and people management skills
• Strong data and Digital & Technology experience
• Strong Communication/Influencing skills and managing multiple stakeholders and customer relationships
• Strong influencing and negotiation skills
• Strong Leadership and team-working skills at senior level
• Ability to think creatively and identify innovative solutions

Education

Bachelor’s Degree: Information Technology (Required)