Business Information Security Officer

2 months ago

Cape Town, South Africa Sanlam Full time

CAREER OPPORTUNITY

Santam BITS has a career opportunity for a senior role of Business Information Security Officer (BISO) in the Business Information and Technology Services (BITS) department which will be based in the Western Cape or Gauteng.

KEY RESPONSIBILITIES

Establish and manage a Santam Business Unit (SBU) Information Security Programme. Implement cybersecurity awareness campaigns. Participate in Group Information Security Programme (GISP) initiatives. Information Security Governance and Assurance. Document processes and artefacts that prove that the relevant governance and assurance processes were implemented as designed. Information Security Incident Response and Cyber Crisis Management. Application (including cloud), Infrastructure Security, and Cybersecurity Education, Training and Awareness. The BISO will implement processes and controls as agreed with the Group Information Security Officer (GISO), GISP and the Group CIO. The BISO will be responsible for the quality and cost-effectiveness of information security services delivery in the SBU and will report on these metrics to the GISP and GISO. Provide regular feedback to Santam Manco on Group-wide information security issues. The BISO will report to the GISO on new initiatives, plans, and progress, which will be discussed with the Group Information Security Committee. Review and improve existing IT and Information Risk assessment, reporting and management practices. Update the Santam IT and Information Security Risk register. Document a security risk management action plan. This must include the relative priorities of agreed-upon actions, ownership of the actions, and agreed-upon timelines. Priorities will be aligned to Santam and GISP priorities. The BISO must have an action plan to implement these initiatives in Santam. Up to date and complete Santam cloud technology outsourcing and third-party register (where applicable). Review and respond to PSPG and risk acceptance requests within the agreed time. Clear and timely communication to management and users regarding planned group awareness campaigns. Risk assessment that identifies a requirement for additional awareness or targeted education, training, and awareness interventions. Alignment with the Group's annual security education, training and awareness plan. Document the logical access review schedule for Line of Business Applications, review the results, facilitate resolution, and report on the progress made in resolving issues identified during the reviews. Review and respond to all security-related audit findings.

KEY RESPONSIBILITIES

Report all cyber security incidents, or information security incidents (including privacy-related incidents) where the compromise was through technology to the Sanlam Group Technology (SGT) CSIRT. Be a primary contact for cybersecurity incidents identified by the SGT CSIRT. Ensure appropriate actions are taken when policy breaches are identified in the SBU. Assist by facilitating engagement and communication with key stakeholders in the Santam during a major incident. Produce Quarterly Group ISO Forum and GISP reports. Ensure that security 'gates' are a formal part of the SDLC/ Agile/ relevant solution development methodology. Interventions and role-players must be clearly specified. Active participation in Sanlam-sanctioned industry bodies (. ISF Live, ISACA, FS-ISAC) Timeous escalation of new, high or escalating cybersecurity risks. Engage with application owners and the Group Cyber Security Centre (GCSC) Operations Team to ensure that system vulnerabilities identified during penetration tests, Red Team exercises, or vulnerability scans are addressed. Ensure that the Group CIO is aware of risks and actions required. Facilitate workshops and risk documentation during Control Self Assessments or Crown Jewel Risk Assessment processes. Find & provide root cause analysis and implement permanent and/or long-term fixes for cyber-related incidents. Strong understanding of integration between Workstations and Network/Servers. Installations and monitoring of devices using automated tools (. SCCM) & scripting. Responsible for maintaining a configuration register of assets and licenses.

QUALIFICATIONS AND EXPERIENCE

Bachelor’s Degree or Diploma in Computer Science, Information Systems or other related field, or equivalent work experience Minimum 7 years of relevant experience Cyber and information security certifications (such as CISM, CISSP, CCSP, CISA, ISO 27000 Lead Implementer/ Auditor) are in force. If the candidate does not possess such certifications, evidence is required that the candidate is studying toward them.

COMPETENCIES

High Stress Tolerance. Building and maintaining relationships. Teamwork and ability to function independently. Facilitation Skills. Adaptability. Attention to detail. Planning and organising. Ability to work independently. Interpersonal savvy. Decision quality. Plans and aligns. Optimises work processes. Being resilient. Collaborates. Cultivates innovation. Customer focus. Drives results.

ADDITIONAL COMPETENCIES AND SKILLS

Honesty, integrity, and respect. Positive, enthusiastic, can-do attitude. Ability to work under pressure and long hours. Ability to co-operate and thrive both within an independent and team environment. Project Management. Reporting and Administration. Business Requirements Definition. Compliance Monitoring. Emerging Technologies.

ABOUT THE COMPANY

Santam is the leading short-term insurer in South Africa. Along with its subsidiaries, the business transacts all classes of short-term insurance. Santam is a large, diversified, and transforming company and our success is rooted in our passion for our clients. Everything we do is centered on our delivery of Insurance Good and Proper. 

Please note this appointment will be made in line with the Divisional Employment Equity targets. People with disabilities are welcome to apply

  • Business Information Security Officer

    1 month ago

    Cape Town, Western Cape, South Africa Sanlam Full time

    About the RoleSantam is seeking a highly skilled Business Information Security Officer to join our team. As a key member of our Business Information and Technology Services (BITS) department, you will be responsible for establishing and managing a Santam Business Unit (SBU) Information Security Programme.Key ResponsibilitiesImplement cybersecurity awareness...

  • Senior Business Information Security Officer

    1 week ago

    Cape Town, Western Cape, South Africa Sanlam Full time

    Career OpportunitySantam is seeking a talented Senior Business Information Security Officer to join our Business Information and Technology Services (BITS) department. This senior role will be based in our Western Cape or Gauteng offices.Key ResponsibilitiesEstablish and manage a Santam Business Unit (SBU) Information Security Programme.Develop and implement...

  • Information Security Officer

    1 month ago

    Cape Town, Western Cape, South Africa Ecentric Payment Systems Full time

    Job Title: Information Security OfficerWe are seeking an experienced Information Security Officer to join our team at Ecentric Payment Systems. As a key member of our security team, you will play a pivotal role in safeguarding our organization's data and IT infrastructure.Key Responsibilities:Develop and implement robust security protocols to ensure...

  • Business Information Security Manager

    4 weeks ago

    Cape Town, Western Cape, South Africa Sanlam Full time

    Job Title: Business Information Security OfficerSantam is seeking a highly skilled Business Information Security Officer to join our team in the Business Information and Technology Services (BITS) department. This is a senior role that will be based in the Western Cape or Gauteng.Key Responsibilities:Establish and manage a Santam Business Unit (SBU)...

  • Information Security Officer

    4 weeks ago

    Cape Town, Western Cape, South Africa Ecentric Payment Systems Full time

    Job Title: Information Security OfficerWe are seeking an experienced Information Security Officer to join our team at Ecentric Payment Systems. As a key member of our security team, you will play a crucial role in safeguarding our organization's data and IT infrastructure.Key Responsibilities:Develop and implement robust security protocols to ensure...

  • Information Security Officer

    2 months ago

    Cape Town, South Africa Root Platform Full time

    **Mission**: At Root, we believe that the future of insurance is **digital**, **personalised** and **embedded**. Our mission is to grow insurance businesses into this future by providing the infrastructure that makes it possible. Your role as an Information Security Officer will be pivotal in crafting and executing a comprehensive information security...

  • Information Security Officer

    1 month ago

    Cape Town, South Africa Ecentric Payment Systems Full time

    Introduction Our team offers comprehensive experience and expertise across the South African (and beyond) payment gateways landscape. To guarantee the best service we handle all the onetomany payment relationships on behalf of our clients so they may focus their energy on growing their business.As leaders in payment compliance and security our clients can...

  • Business Information Security Specialist

    3 weeks ago

    Cape Town, Western Cape, South Africa Sanlam Full time

    Career OpportunitySanlam is seeking a highly skilled Business Information Security Specialist to join our team in the Business Information and Technology Services department.Key ResponsibilitiesEstablish and manage a comprehensive information security programme.Implement cybersecurity awareness campaigns and participate in group initiatives.Ensure...

  • Information Security Officer

    3 weeks ago

    Cape Town, South Africa Ecentric Payment Systems Full time

    Job DescriptionTo ensure your application is successfully received and that you can smoothly complete the screening process, we encourage you to apply through our Career Portal: www.ecentric.co.za. We look forward to reviewing your submission!Introduction Our team offers comprehensive experience and expertise across the South African (and beyond) payment...

  • Information Security Officer

    1 month ago

    Cape Town, South Africa Ecentric Payment Systems Full time

    Job DescriptionIntroduction Our team offers comprehensive experience and expertise across the South African (and beyond) payment gateways landscape. To guarantee the best service, we handle all the one-to-many payment relationships on behalf of our clients so they may focus their energy on growing their business.As leaders in payment compliance and security,...

  • Information Security Officer

    4 weeks ago

    Cape Town, South Africa Ecentric Payment Systems Full time

    Job DescriptionIntroduction Our team offers comprehensive experience and expertise across the South African (and beyond) payment gateways landscape. To guarantee the best service, we handle all the one-to-many payment relationships on behalf of our clients so they may focus their energy on growing their business.As leaders in payment compliance and security,...

  • Information Security Officer

    3 weeks ago

    Cape Town, South Africa Ecentric Payment Systems Full time

    To ensure your application is successfully received and that you can smoothly complete the screening process, we encourage you to apply through our Career Portal: . We look forward to reviewing your submission!Introduction Our team offers comprehensive experience and expertise across the South African (and beyond) payment gateways landscape. To guarantee...

  • Information Security Officer

    1 month ago

    Cape Town, South Africa Ecentric Payment Systems Full time

    Introduction Our team offers comprehensive experience and expertise across the South African (and beyond) payment gateways landscape. To guarantee the best service, we handle all the one-to-many payment relationships on behalf of our clients so they may focus their energy on growing their business.As leaders in payment compliance and security, our clients...

  • Information Security Officer

    4 weeks ago

    Cape Town, South Africa Ecentric Payment Systems Full time

    Introduction Our team offers comprehensive experience and expertise across the South African (and beyond) payment gateways landscape. To guarantee the best service, we handle all the one-to-many payment relationships on behalf of our clients so they may focus their energy on growing their business.As leaders in payment compliance and security, our clients...

  • Information Security Manager

    5 months ago

    Cape Town, South Africa VOSS Solutions Full time

    **About the company**: VOSS develops a range of products that are used by the world’s largest communications service providers and enterprises. These market-leading tools are paired with professional services to help our customers achieve the most from their digital workplace platform. We operate in a very dynamic industry and leverage the latest...

  • Cybersecurity & Digital Information Officer - IT Security Specialist

    1 week ago

    Cape Town, Western Cape, South Africa Tower Group Full time

    Job Title: Cybersecurity & Digital Information Officer - IT Security SpecialistTower Group is seeking a highly skilled Cybersecurity & Digital Information Officer - IT Security Specialist to join our Information Technology and Digital Services tribe. Job Summary: The Cybersecurity & Digital Information Officer - IT Security Specialist will be responsible for...

  • Information Security Specialist

    4 weeks ago

    Cape Town, Western Cape, South Africa Ecentric Payment Systems Full time

    Job Title: Information Security OfficerEcentric Payment Systems is seeking a highly skilled Information Security Officer to join our team. As a key member of our security team, you will play a critical role in safeguarding our organization's data and IT infrastructure.Key Responsibilities:Develop and Implement Security Policies: Establish and maintain...

  • Information Security Specialist

    4 weeks ago

    Cape Town, Western Cape, South Africa Ecentric Payment Systems Full time

    Job Title: Information Security OfficerEcentric Payment Systems is seeking a highly skilled Information Security Officer to join our team. As a key member of our security team, you will play a critical role in safeguarding our organization's data and IT infrastructure.Key Responsibilities:Develop and Implement Security Policies: Establish and maintain...

  • Information Security Specialist

    4 weeks ago

    Cape Town, Western Cape, South Africa Ecentric Payment Systems Full time

    Job Title: Information Security OfficerJob Summary:Ecentric Payment Systems is seeking an experienced Information Security Officer to join our team. As a key member of our operations team, you will play a pivotal role in safeguarding our organization's data and IT infrastructure.Key Responsibilities:Develop and implement robust security protocols to ensure...

  • Information Security Officer

    3 weeks ago

    Cape Town, Western Cape, South Africa Ecentric Payment Systems Full time

    Job Title: Information Security OfficerWe are seeking an experienced Information Security Officer to join our team at Ecentric Payment Systems. As a key member of our IT department, you will play a crucial role in safeguarding our organization's data and IT infrastructure.Key Responsibilities:Develop and implement robust security protocols to ensure...