Latest Jobs at Multichoice

Purpose of the Position:

To plan, direct, or coordinate activities of an organization to ensure compliance with ethical or regulatory standards.
Key Performance Objectives

Tasks

Process

• Analysis of BTD management practices
• Gap analysis on existing processes
• Design and Improve processes
• Documenting of processes and work flows
• Development of clear and detailed process maps
   

Risk Management

• Facilitated monthly GRC meetings
• Risk articulation and reporting
• Maintenance of the risk register - Actions and controls added to each risk
• Risk tracking and monitoring (including following up on actions)
• Facilitated annual review workshops for technical limitations
• Record all identified tech limitations & SPOF - publish for BTD and continuously update the lists.
• Process improvement
• Record and distribute Progress Reports
• Risk Mitigation
• Reporting of risk to group risk / Naspers

Governance

• Updated governance documents (policies, procedures and standards)
• Process improvement
• Maintenance of policy register
• Awareness initiatives of existing policies
• Creation of new policies in line with best practice

Compliance

• Internal Assessments - COBIT management self-assessments (4 per year)
• External Audits - Mitigating audit findings & ensure minimum high-risk findings
• BTD Awareness campaigns
• Security response Plans
• Ensure alignment with Group Info sec strategy
• ISMS implementation / co-ordination
• Platform Stability and network availability

• Redundancy assessments
• DR and BCP initiatives
• Maintenance of documents
   

Project Support and Ad HOC

• Project driven governance improvements
• Support on group wide initiatives

Qualifications

• Minimum CRISK
• Bcom degree in Risk Management
• Post Graduate Governance, Risk and Compliance Management would be advantageous

Experience

• Minimum 3 - 5 years’ experience in Risk management, governance and compliance.
• Minimum 2 years’ experience in process design and analysis
• Minimum 1 years’ experience in Technology Risk management
• Previous governance and policy development experience would be advantageous.
• Process and Control Compliance Monitoring and Reporting
• Governance in large enterprises System Development Life Cycle and Project Management CoBiT and ITIL control Frameworks Risk Management and control in IT environment IT Audit
   

Technical Competencies

• Risk Management
• Compliance/ Governance
• Project Management

Behavioral Competencies 

• Accountability
• Teamwork
• Delegation
• Interpersonal Support
• Perseverance
• Motivating
• Prioritisation
• Analytical Thinking

go to method of application »

Purpose of the Position:

To assist to develop and implement security incident monitoring and forensics management, forensics across Video Entertainment. To take a proactive approach to managing system risks and creating mitigation plans to deter future risks

Key Performance Objectives

Tasks

Incident Management

• Assist the management team in drafting a strategic direction for the function while ensuring that this direction is aligned with that of the CISO.
• Expand and mature existing incident response processes and activities
• Development and maturity of Detection capabilities by leveraging off of the SIEM, Network Behaviour Anomaly Detection and Endpoint Detection
• Plan, design and implement an overall security management process for the function.

The process includes: detection, triage, analysis, containment, recovery and reporting

• Innovate solutions by Investigating and implementing AI solutions to have better capability within the function.
• Mature the network access control initiatives as deemed necessary by management.
• Act as the lead for security incidents and breaches as per the defined processes.
• Improve ability to minimise and prevent further incidents by accurate documentation and post analysis of all system incidents. Forensics and Breach Management
• Assist by leading the incident response process and execution including unauthorized access, security policy violations and Data Loss Incidents
• Manage and execute processes responsible for the advanced analysis of security threat intelligence (malicious code, hackers and zero-day exploits, etc.) in order to proactively prepare for security events. Develop communication channels with the business units to ensure solid incident response and risk assessment processes
• Ensure continuous testing of all breach management processes
• Conduct red and blue team exercises as directed by management

People Management

• Manage specialists and external Consultants team to ensure effective delivery of business unit objectives.
• Assist the manager to ensure a high performing team by embedding formal performance development and informal coaching. Encourage frequent knowledge sharing between team members.
• Motivate team members and ensure that their efforts are recognised
• Coach and mentor junior practitioners within the defensive systems field in principles and processes

Qualifications

• Degree (NQF 7) in Security/Information Technology/ OR equivalent
• Certification required – CISSP and CISM
   

Experience

• Minimum of 8 - 10 years of experience in an Information Security environment with specific focus on working with security incident and event management
• Forensics and breach management experience is critical
• A proven track record of experience in the IT and Information Security Industry is critical.
• Understanding the influence of service support services on successful service delivery is critical.
• Proven knowledge and experience in the Technology Operations Environment will be an advantage.
• Project Management experience is an advantage.

Technical Competencies

• Security Incident Monitoring and Response Strategy
• Incident Management
• Problem Solving and Analysis
• Business Acumen
• Stakeholder Influence
• Project Management
   

Behavioral Competencies

• Relationship Building
• Conflict Resolution
• Decision Making
• Critical Appraisal
• Holistic Thinking
• Persuading & Influence
• Coaching