Risk Manager - Information Security at WNS Global Services

Job Description

• To ensure the organizations Information Security Management System is maintained and the compliance of staff and policies, procedures, guidelines and standards used to support the effectiveness of the ISMS. 

Key Responsibilities:

• Carry out all ISMS activities to ensure maintenance of ISO 27001:2005, PCI-DSS certifications at South Africa sites
• Conduct risk assessments on client operations and ensure client’s information security requirements are effectively addressed
• Assist the central management team in overseeing compliance activities relating to information security and privacy
• Act as the central coordinator for actual / potentially Information Security and Privacy incidents at the location and Lead the investigations.
• Professional Knowledge and attributes required:
• Excellent communication skills (written and verbal)
• Excellent understanding of ISO27001 and PCI-DSS and integration and maintenance within an ISMS
• Good working knowledge of Information security related requirements
• Knowledge of IT Corporate Governance Principles
• Ability to evaluate and analyze threat, vulnerability, impact and risk to security issues discovered from security assessments
• Advise on InfoSec security issues, including explanation on the technical details and how they can remediate the vulnerabilities in the systems
• Manage information protection and data privacy with an understanding of POPIA and European GDPR
• Strong understanding of Information technology / IT security concepts
• A good understanding of various information system technologies including: Active directory, Networking, LAN / WAN, firewalls, IDS / IPS, Log management systems, web content filtering systems, enterprise Antivirus management systems, Patch management, OS hardening guidelines, etc.
• Information system auditing experience
• Sound working knowledge of the latest Microsoft packages (Word, Excel, PowerPoint & Outlook)

Preferred skills -

• Meticulous attention to detail
• Ability to work under pressure to strict deadlines
• Ability to works towards team and individual targets
• Building and maintaining effective working relationships, both internal and external teams and clients.

Qualifications

• Relevant tertiary qualification.
• Preferred Bachelors degrees in Computer Science or Computer Engineering.
• Industry related certification required (e.g. CISM, CISA, CEH etc.) preferred ISO 27001 Lead Auditor preferred