The Chief Information Security Officer (CISO) at GoldenRule Technology (Pty) Ltd

The Role

We are looking for The Chief Information Security Officer (CISO) in Johannesburg and Cape Town. The Chief Information Security Officer (CISO) will be  required to define the strategy and implement necessary framework and controls to continuously improve the bank’s cyber security posture in today’s ever evolving cyber security landscape. The candidate will fit in best with the company culture if they value honesty, integrity, reliability, and can interact, communicate with, and share knowledge with colleagues at all levels, whilst treating them with the utmost respect and professionalism. The Chief Information Security Officer (CISO) will report to the Chief Information Officer. 

Skills and Experience

• Provide leadership and oversight, by setting the direction and implementing the strategy and operating model for cybersecurity function, aligned to the business strategy.
• Establish security roadmap, to deliver contemporary capabilities to proactively deal with, and respond to the evolving threat landscape and to meet the changing business and regulatory requirements.
• Develop and Implement Cybersecurity policies, standards, and guidelines.
• Build and manage a strong team capable of managing cyber risks and responding to day-to-day threats.
• Establish strong governance and assurance controls and processes to continuously measure and improve coverage and operating effectiveness of controls.
• Perform period risk assessments to proactively identity and mitigate cyber risks.
• Engage with business units to ensure consistent application of cybersecurity controls across all business processes, projects, and technology systems.
• Partner with stakeholders across business units to cultivate a strong culture of cyber security at all levels, underpinned by a comprehensive ICS training and awareness plan.
• Measure and Monitor Cybersecurity risk profile and posture and report to appropriate committees and stakeholders.
• Monitor local regulatory and technical developments to ensure that cybersecurity policies are in line with these developments and engage.
• Participate and represent cybersecurity risks in various committees and forums to provide updates and influence positive outcomes for the business.
• Support external audits and reviews including regulatory reviews.

Key Accountabilities

• Bachelor's or Master's degree with additional specialization in Information Systems Security.
• Minimum of 15 years of Cybersecurity experience and out of which a minimum of 5 years in a senior management capacity.
• Experience in managing cloud security in banking and financial services will be a big plus.
• Thorough knowledge of Industry leading frameworks and standards such as NIST CSF, ISO27001 etc.
• Experience in implementing and automating cybersecurity controls for CI/CD pipelines will be a plus.
• Professional security management certification, such as CISSP, CISA, CISM or CISP.
• Strong knowledge of Cloud Security Architecture and Controls required to protect IaaS and PaaS for Public Clouds.
• Strong knowledge of vulnerability & threat management, security logging and monitoring and Identity and access management.
• Strong interpersonal and stakeholder management skills to influence key decisions taken by business and leadership teams.
• Proven Success in Managing risks and Crisis Situations.
• Strong knowledge of local.

Personality and Attributes

• Strategic
• Leading with Influence
• Collaboration (Relating)
• Customer First
• Execution
• Innovation (Perspective)
• Personal Mastery (Learning)

Closing Date: 25th, July 2022