THIS JOB ADVERT IS STILL ACTIVE...
INFORMATION SECURITY MANAGEMENT SYSTEMS LEAD - 361521
Information Technology / Web Development / Telecommunications
Wage / Salary:
R - Market Related - P/M (Per Month)
Information Security Management Systems Lead
Assist with preparation of information security documentation and executive level reports (e.g. Board, Audit, and Risk Committees).
Assess and mitigate third-party vendor and information security compliance risks arising from current and changing business practices, systems, policies, regulations, and laws to ensure secure information handling and exchange.
Define and implement key processes and functions required to enable the ISMS in the organization.
Conduct interviews with relevant responsible and accountable personnel and scrutinize the relevant documentation to ensure that ISMS requirements are met.
Implement, maintain, monitor and ensure the effective operation of the Information Security Management System (ISMS) following guidelines from the ISO/IEC 27001:2013 standard.
Manage and coordinate the risk register, risk exceptions, metrics, reporting, and the management of identified information security risks and remediation action plans from all sources.
Conduct the information security risk assessments and ensure that the risk remediation plans tie in with the control design and implementation of the ISMS.
Qualifications and Experience
Bachelor's Degree in Computer Science / Information Technology / Computer Systems Engineering / Information Systems or a related field.
CISM, CISA, ISO 27001 Lead Implementer, Lead Auditor,
A minimum of 6-8 years of experience in Information Security or a related ICT environment, and Professional Certification in Information Security.
Professional experience in running the Governance, Risk and Compliance office, applying frameworks to manage, measure and report risks.
A good understanding of security and privacy regulations such as RICA, POPI, ECT Act, and corporate security policies and procedures.
Strong understanding of security and auditing standards such as ISO 27001:2013.
Knowledge of various information security domains.
Practical experience of ISMS implementation.