Ops Specialist: Information Sec Risk at Telkom

Core Description

• Responsible for the identification, measurement, control and minimisation of loss associated with uncertain risks throughout the ICT environment.
• The development, documentation, implementation and monitoring of an Information risk management framework including policies, standards, procedures, and security architecture to ensure delivery and awareness of sound Information Security management practices company wide, including compliance with national legislation and international standards.
• Researches and stays abreast of worldwide best practice and regulations.
• Provides support and consultancy with respect to risk management practices and concerns within IT and business architectures, applications, changes, solutions and operational processes.

Job Responsibilities

• Information Security Risk Management
• Report on Enterprise Information Risk
• Research, Identify and Assess Information threats to business (New and existing)
• Project and Change Consultation and Assessment of Risk
• Information Risk assessment, rating, management, and resolution
• Represent Information Security in Governance and Business processes
• Monitor, Assess and Report on Operational Security Assurance process
• Information Security Governance
• Create/ Maintain/ Communicate Information Security Policies and Standards
• Ensure Regulatory and Security Policy Compliance and Business Risk alignment
• Manage Policy review, update and approvals process
• Support Security Governance Forum and ISMS Processes
• Maintain Information Security Strategy ensuring Business Strategy Alignment
• Ensure Information Security Awareness of Policy and Business Risks
• Information Security Architecture
• Ensure Enterprise Security Architecture aligns with business requirements and risks
• Advise and recommend Technical Security direction in support of Enterprise Security Architecture
• Define, Assess and Communicate Information Security elements within Business and IT Architecture
• Information Security input to Business cases and projects
• Ensure Information Security Architecture requirements are met within all systems and processes

Competencies

• Managing Risk
• Acting Decisively
• Testing and Troubleshooting
• Sharing Information

Core Competencies
Core Functional Knowledge/ Skills     

• Information Risk Assessment and Management; Change Management and Change Risk; Security Standards, Policies and Practices; Information Risks within Systems and IT Architecture; Information Risks within people and processes; Enterprise and Security Architecture; Operational Security Practices and Management Information Security Awareness; Analytical and investigative; Communication and Interpretation; Decision making; Problem solving; Project and complex task management; Risk Awareness and explanation    

Competencies (Behaviour) 

• Integrity; Assertive; Confident; Initiator; Supportive; Persuasive; Team Player; Problem Ownership

 
Education

• NQF 6: 3 year Diploma/ National Diploma in Information Technology

Experience

• 3 Years relevant experience

Certifications
Special Requirements

• Valid Drivers license
• Security clearance/Integrity assessment
• Ability to work after hours
• Physical Requirements
• Key Stakeholders

Additional Information
Certification:

• Preferred: CISM, CRISC; CISSP, CISA, SABSA
• Optional: CoBIT, TOGAF, ITIL