Security, Governance

Surgo (PTY) Ltd. has partnered with a global analytics and digital solutions company serving industries including insurance, healthcare, banking and financial services, media, retail, and others. They aim to bridge the gap between digital expectations and real outcomes for international companies with Digital Intelligence.

Our client is recruiting for a Security, Governance, Metrics & Reporting Specialist to join their team based in Cape Town.

**Job Purpose**:
To develop governance and status reports on the company’s security, risk & compliance posture to the CISO, CIO and senior leadership, based on Key Performance Indicators (KPIs) and security metrics, to facilitate the awareness of Cybersecurity & Resilience effectiveness, support decision making, and improve security performance and accountability.

**Requirements**:
Essential to have a Bachelors degree (or equivalent) in a related technical area

Desirable to have one or more of the following industry certifications: CISM, CRISC or ISACA CGEIT

Essential to have knowledge and understanding of metrics, key performance indicators, trackers, dashboards, and data visualisation techniques & tooling, e.g., PowerBI or Tableau Essential to have knowledge or training on the ISO27001 standard and NIST security frameworks

**Skills**:
Ability to design and execute formalised reporting, KPIs and metrics in a Security, Governance, Metrics & Reporting environment

Ability to gather the latest security status and track the effectiveness of agreed security metrics by reviewing audits, test results, logs, or other forms of evaluation

Ability to use security GRC tool (for example ServiceNow or Archer) to automate governance, risk management and compliance processes

Ability to build relationships, collaborate cross functionally with various departments and communicate with stakeholders of varying seniority to explain tracking against key performance indicators and metrics in simple business language, with a clear scope of progress towards objectives

Strong understanding of security reporting, governance, dashboards, and progress tracking using KPIs and metrics

Strong analytical skills, with a proactive work approach for establishing KPIs and reporting on the current status of security for the business, with a proven ability to drive results

A confident speaker, with the ability to create executive presentations for senior leadership to convey insights, findings, cyber function progress and performance

**General knowledge of various Cybersecurity domains such as**: Governance, Risk & Compliance, Security Monitoring, Security Awareness & Skills Training, Communications and Privacy Programme Management, with an ability to track progress and performance across these areas

**Experience**:
As a Security, Governance, Metrics & Reporting Specialist, you will be expected to demonstrate experience and knowledge across the following areas
- Define and formalising metrics & KPIs to help track the latest security status, with clearly outlined ownership and management of security governance

Conduct periodic reviews of performance against metrics and KPIs for Cybersecurity functions

Establish reporting against KPIs & metrics through established governance forums, for management to have a consistent view of security across the organisation

Analyses security metrics to provide insights on key security trends to senior leadership and enable improved utilisation of security resources

Work in a global Organisation (preferably within the manufacturing and/or Governance, Risk & Compliance division) with stakeholders of varying seniority and a track record to navigate through complex work environments

**Salary**: Market Related