Chief Information Security Officer - JHB at NTT Ltd.

Key Roles and Responsibilities:

• Contributes towards the development and drives the implementation of an organisation-wide information security strategy aligned with the NTT's business objectives.
• Contributes towards establishing and maintaining information security policies, procedures, standards, and guidelines that comply with industry best practices and regulatory requirements.
• Oversees the identification, assessment and management of information security risks across the organisation, including data, systems, networks, and third-party relationships.
• Promotes a culture of security awareness among employees through training, education, and regular communication.
• Oversees the development and execution of incident response plans to effectively address and mitigate security incidents.
• Ensures NTT's compliance with relevant security regulations, laws, and industry standards.
• Assesses and selects appropriate security technologies and solutions to protect NTT's digital assets.
• Implements security monitoring tools and systems to detect and respond to security threats and providing regular reports to executive leadership and stakeholders.
• Stays informed about emerging security threats and industry trends to continuously enhance the organisation's security posture.
• Evaluates security risks associated with third-party vendors and service providers and implementing risk mitigation strategies.
• Effectively communicates security incidents, responses, and mitigation efforts to relevant stakeholders.
• Coordinates and manages internal and external security audits and assessments.
• Provides guidance and leadership to the information security team, ensuring adherence to security policies and procedures.

Knowledge, Skills and Attributes:

• Strong knowledge of security frameworks and standards.
• In-depth understanding of security technologies, tools, and best practices
• Excellent communication and presentation skills with the ability to effectively convey complex security concepts to non-technical stakeholders
• Strong leadership and team management skills to lead and motivate a diverse security team
• Strategic thinking and problem-solving abilities with a focus on delivering results
• Business acumen and the ability to align security objectives with overall business objectives

Academic Qualifications and Certifications:

• Degree in business administration or a technology-related field required (e.g., computer science, information technology, etc.)
• MBA or Masters in IT related field with a security focus preferred
• Related Cybersecurity, risk management and data privacy certifications preferred: CompTIA Security+, CISSP, CISM, CISA, and/or CEH

Required Experience:

• Significant experience in a combination of risk management, information security and IT roles in a global organisation
• Proven track record of successfully developing and implementing enterprise-wide information security strategies and initiatives
• Significant experience with contract and vendor negotiations and management
• Significant experience in Agile (scaled) software development or other best in class development practices
• Significant experience with Cloud computing / Elastic computing across virtualised environments
• Significant experience in risk management, compliance and regulatory requirements related to information security
• Significant experience and working knowledge of the following areas of technical expertise: information policy formulation, information security management, business risk management, IT risk assessment and management, IT continuity management, IT governance formulation, and organisational change management, IT financial management and IT audit