Business Information Security Officer

**Job Classification**

**Requisition**:

- 136758 - Nozi Masabalala**Cluster** - Nedbank Wealth Cluster - Legal Risk Compliance**Closing Date** - 15 November 2024**Please Note: Preference will be given to applicants from Underrepresented Groups**
- Job Family- Risk, Audit and Compliance
- Career Stream- Information Security Risk
- Leadership Pipeline- Manage Self: Leading Expert

**Job Purpose**
- Provide leading expertise and guidance to ensure the security of Nedbank Groups Information Assets. The Group Executive, via the Group Chief Risk Officer, designates the Chief Information Security Officer (CISO), as an independent second line role, to be responsible and accountable overall for the Cyber Resilience Risk Management within the Group.**Responsibilities**:

- Deliver and meet the strategic financial objectives by managing the budget for the Cluster in line with agreed principles.
- Responsible for providing oversight and promoting cyber resilience across the Group.
- Develop and maintain cyber resilience strategy in collaboration with business and Group Technology(GT).
- Responsible for the digitisation of cyber resilience risk management.
- Co-ordinate cyber resilience across Nedbank.
- Provide expert advice on all aspects of cyber resilience, including providing input to specialised cyber business initiatives.
- Create and manage the Group's Cyber Resilience Programme.
- Monitor the effectiveness of cyber resilience arrangements and report to the Group Executive Committee and Board.
- Provide oversight in the investigation of cybersecurity incidents.
- Responsible for cybersecurity awareness programme.
- Develop and co-ordinate Group wide cyber risk assessments.
- Co-ordinate compliance efforts to cyber related regulatory programmes.
- Meet business objectives by influencing Information Technology (IT) delivery.
- Responsible to lead operational risk activities and takes greater responsibility for risk and governance.
- Manage material incidents and crises by leading the Cyber Crisis Management Team.
- Influence and set the tone for Cyber Security across the Group.
- Manage cyber co-ordinated asssurance.
- Act as the Chair of the Cyber Crisis Management Team, and responsible for developing and maintaining of the Playbooks.
- Be a thought leader on Information Technology (IT) matters across industries.
- Ensure the delivery of key IT projects.
- Ensure that relevant IT policies are in place to mitigate people risk.
- Meet compliance requirements by ensuring that the constructs of risk, governance and compliance are adequately addressed.
- Has sufficient authority, independence, resources and access to the Board - Group Risk and Capital Management Committee (GRCMC), Group IT Committee (GITCo) and Group Audit Committee (GAC).
- Provide an effective challenge that questions existing cyber resilience processes and information, while conducting specific testing of procedures and processes, consistent with the unique aspects of the Group's CRRMF and risk profile.
- Essential Qualifications - NQF Level- Professional Qualifications/Honour’s Degree
- Preferred Qualification- Computer Science and /or Commerce
- Preferred Certifications- Certified Information Security Manager (CISM); Certified Information Systems Security Professional (CISSP). Preferred: Certified Risk & Information Systems Control (CRISC) Certified Information Systems Auditor (CISA)
- Minimum Experience Level- 11 years experience in banking and an IT environment covering Business Continuity, Disaster Recovery, Information Security, Digital Forensics and Risk Management.8-10 years being in management**Technical / Professional Knowledge**
- Business continuity standard
- Digital computing (hardware components)
- Digital forensic tools and techniques
- Ethics and Fraud
- Forensic examination
- Information systems
- International Security Forum (ISF) Standards
- Nedbank policies and procedures
- Nedbank vision and strategy
- Relevant software and systems knowledge
- Relevant regulatory, compliance and risk legislation
- Behavioural Competencies- Strategic Influence
- Driving Execution
- Cultivating Networks and Partnerships
- Leading Change
- Operational Decision Making
- Digital Acumen
- Leading Virtual Teams
- **_Please contact the Nedbank Recruiting Team at +27 860 555 566_