Subscribe to Job Alert
Join our happy subscribers
Never pay for any CBT, test or assessment as part of any recruitment process. When in doubt, contact us
Nedbank Group Limited is a bank holding company that operates as one of the four largest banking groups in South Africa. The company's shares have been listed on the JSE Limited since 1969. The group offers a wide range of wholesale and retail banking services through four main business clusters, namely Nedbank Corporate and Investment Banking, Nedbank Retai...
Job Purpose
To support the business cluster in the implementation and execution of the cyber resilience risk management framework that includes implementation of cyber risk assessments, strategy, cyber security programme, policies, standards, reporting of all cluster-specific cyber security programme elements and regulatory matters as it relates to cyber security.
Job Responsibilities
Become the information security expert for the cluster by providing expert advice on information security matters.
Build and maintain professional relationships by information sharing and professional networking within the bank.
Build and maintain internal stakeholder relationships through collaboration with stakeholders and regular communiction via various media.
Drive compliance to security policies and standards on cluster infrastructure.
Primary interface between the cluster and the CISO office.
Represent business an an Information Security representative on the ISSC; ensure alignment and implementation of CRRMF in clusters.
Assist the cluster in the completion of cyber secuity risk assessments ensuring that they are understood, captured in the risk management processes that appropriate controls are embedded in the day-to-day operation, and remediation of non-compliance is documented and addressed.
Report of all cluster specific information security programme elements; work closely together with all stakeholders.
Actively executes the cyber security programme elements and other information and cyber security plans developed by the business.
Assist the cluster with identification of critical assets ("crown jewels") and feeding that back into the business impact analysis and risk management processes.
Work with the business to develop processes and procedures to ensure information security policies and standards are integrated and assist with third party supplier information and cyber security risk assessments and assurance.
Support the achievement of the business strategy, objectives, and values by ensuring delivered systems, process, services and solutions are aligned.
Identify training courses and career progression for self through input and feedback from management.
Ensure all personal development plan activities are completed within specified timeframe.
Share knowledge and industry trends with team and stakeholders during formal and informal interaction.
Obtain buy-in for developing new and/or enhanced processes (e.g. operational processes) that will improve the functioning of stakeholders businesses by highlighting benefits in support of the implementation or recommendations.
Contribute to a culture conducive to the achievement of transformation goals by participating in Nedbank Culture building intiatives (e.g. staff surveys etc).
People Specification
Essential Qualifications - NQF Level
Professional Qualifications/Honour’s Degree
Preferred Qualification
Master's Degree
Preferred Certifications
Certified Information System Manager (CISM);
Certified Risk and Information Systems Control (CRISC);
Certified Information System Auditor (CISA);
Certified Information Systems Security Professional (CISSP).
Type of Exposure
Analysing situations or data that requires an evaluation of multiple factors
Displaying high level of ethics, integrity and confidentiality
Conducting root cause analysis
Information security investigations e.g. virus outbreaks
Conducting digital forensic analysis
Presenting to senior leaders
Networking and building relationships
Monitoring adherence and compliance
Conducting Business Continuity planning and testing
Conducting Business Impact Analysis
Implementing governance frameworks; architecture policies; procedures and standards
Conducting research from multiple sources
Identifying business risks
Managing a team of people
Minimum Experience Level
Minimum 5 years experience in Information Security Risk.
Technical / Professional Knowledge
Business continuity standard
Digital computing (hardware components)
Digital forensic tools and techniques
Ethics and Fraud
Forensic examination
Information systems
International Security Forum (ISF) Standards
Nedbank policies and procedures
Nedbank vision and strategy
Relevant software and systems knowledge
Relevant regulatory, compliance and risk legislation
Behavioural Competencies
Earning Trust
Continuous Learning
Decision Making
Facilitating Change
Influencing
Technical/Professional Knowledge and Skills
Build your CV for free. Download in different templates.
Join our happy subscribers