Principal Specialist Cyber Security
Salary Negotiable
Not Specified
12 days ago
Job Description
Our company in the telecommunication industry is seeking an experienced and highly skilled Cyber Security Principal Lead or Specialist to oversee our cyber security strategies and initiatives within the financial services, insurance, and lending sector. The ideal candidate should have a deep understanding of cyber security practices and trends and possess the leadership skills necessary to guide a team of professionals in implementing and maintaining an effective and comprehensive cyber security program. The principal lead or specialist must be able to influence and broker conversation with executive level stakeholders to address cyber risk in the financial services entity.
Qualification and Experience
Degree or a relevant tertiary qualification in Information technology and Minimum of 8 years of experience in cyber security role where you meet business deliverables.
At least 8 years’ experience in cyber governance, risk, controls, and compliance management in a technology environment
8 years of experience in IT Audit and Assurance management in a cyber or technology environment
Knowledge of common information technology management and compliance frameworks such as ISO/IEC 27001, SOC 2, SOX, ITIL, COBIT, and NIST.
Knowledge of legal, regulatory and privacy requirements, such as personally identifiable information (PII) Protection and Payment Card Industry (PCI)/Data Security Standard.
High level understanding and knowledge of Cloud Risk, Compliance and Assurance
Proven experience managing and operating multiple security programs, projects, and initiatives and related security tooling
An ability to think strategically and drive change
A deep understanding of Tech Security risks and mitigating solutions
A diverse security background with knowledge in several areas including layered security architecture; internet protocols; firewalls; VPN technologies, IDS/IPS, network access control and network segmentation, anti-malware and spam technologies; risk and vulnerability assessments, and compliance
Security concepts related to DNS, routing, authentication, VPN, proxy services and DDOS mitigation technologies
Windows, UNIX and Linux operating systems
Web Application Security and Encryption
Strong organizational skills and an entrepreneurial drive with a history of recruiting and developing high-performing teams
Ability to build and manage highly motivated and innovated technical and extended team
Ability to work under time and resource pressure
An ability and desire to communicate and work with a broad set of stakeholders
A customer-focused, responsive, and transparent attitude
Grasping of technical concepts rapidly and the ability to articulate these concepts to technical and non-technical audiences
Skilled in communicating with all levels of management
Roles and Responsibilities
Support and assist with the development and management of the 3-to-5-year cyber security strategy across the company
Achieve and maintain and target cyber security maturity level for the company
Build relevant business cases for key initiatives and existing planned cyber programmers.
Support the design, develop and implement a security programmer for the company
No or per target Internal Audit findings related to the company for cyber security
Ensure a cyber security incident response practice is in place across the company
Promote awareness of security policies, training, and the governance strategy amongst all levels of the company to ensure sound security governance is reflected across the entity
Actively manage risks on the Cyber Risk Register from intake to resolution
Communicate risk assessment findings with key stakeholders to develop and monitor risk remediation plans
Conduct regular compliance assessments with the business to ensure that current and emerging risks are being monitored and managed
Proactive control design and implementation guidance provided to the business
Process and control compliance monitoring and reporting
management on the recommended actions
Tracking and monitoring of audit remediation action implementation
Design of status reports as well as insight reporting as and when required by management
Lead reporting development with the use of automation and reporting tools to generate cyber risk metrics, i.e. KPI’s, KRI’s
To provide management with assurance covering controls across the business environments that there are adequately designed and operating effectively
To support management during audits as well as implement and track management audit actions to closure
Provide management with status update reports as well as insight reporting across all the companies departments
Our company in the telecommunication industry is seeking an experienced and highly skilled Cyber Security Principal Lead or Specialist to oversee our cyber security strategies and initiatives within the financial services, insurance, and lending sector. The ideal candidate should have a deep understanding of cyber security practices and trends and possess the leadership skills necessary to guide a team of professionals in implementing and maintaining an effective and comprehensive cyber security program. The principal lead or specialist must be able to influence and broker conversation with executive level stakeholders to address cyber risk in the financial services entity.
Qualification and Experience
Degree or a relevant tertiary qualification in Information technology and Minimum of 8 years of experience in cyber security role where you meet business deliverables.
At least 8 years’ experience in cyber governance, risk, controls, and compliance management in a technology environment
8 years of experience in IT Audit and Assurance management in a cyber or technology environment
Knowledge of common information technology management and compliance frameworks such as ISO/IEC 27001, SOC 2, SOX, ITIL, COBIT, and NIST.
Knowledge of legal, regulatory and privacy requirements, such as personally identifiable information (PII) Protection and Payment Card Industry (PCI)/Data Security Standard.
High level understanding and knowledge of Cloud Risk, Compliance and Assurance
Proven experience managing and operating multiple security programs, projects, and initiatives and related security tooling
An ability to think strategically and drive change
A deep understanding of Tech Security risks and mitigating solutions
A diverse security background with knowledge in several areas including layered security architecture; internet protocols; firewalls; VPN technologies, IDS/IPS, network access control and network segmentation, anti-malware and spam technologies; risk and vulnerability assessments, and compliance
Security concepts related to DNS, routing, authentication, VPN, proxy services and DDOS mitigation technologies
Windows, UNIX and Linux operating systems
Web Application Security and Encryption
Strong organizational skills and an entrepreneurial drive with a history of recruiting and developing high-performing teams
Ability to build and manage highly motivated and innovated technical and extended team
Ability to work under time and resource pressure
An ability and desire to communicate and work with a broad set of stakeholders
A customer-focused, responsive, and transparent attitude
Grasping of technical concepts rapidly and the ability to articulate these concepts to technical and non-technical audiences
Skilled in communicating with all levels of management
Roles and Responsibilities
Support and assist with the development and management of the 3-to-5-year cyber security strategy across the company
Achieve and maintain and target cyber security maturity level for the company
Build relevant business cases for key initiatives and existing planned cyber programmers.
Support the design, develop and implement a security programmer for the company
No or per target Internal Audit findings related to the company for cyber security
Ensure a cyber security incident response practice is in place across the company
Promote awareness of security policies, training, and the governance strategy amongst all levels of the company to ensure sound security governance is reflected across the entity
Actively manage risks on the Cyber Risk Register from intake to resolution
Communicate risk assessment findings with key stakeholders to develop and monitor risk remediation plans
Conduct regular compliance assessments with the business to ensure that current and emerging risks are being monitored and managed
Proactive control design and implementation guidance provided to the business
Process and control compliance monitoring and reporting
management on the recommended actions
Tracking and monitoring of audit remediation action implementation
Design of status reports as well as insight reporting as and when required by management
Lead reporting development with the use of automation and reporting tools to generate cyber risk metrics, i.e. KPI’s, KRI’s
To provide management with assurance covering controls across the business environments that there are adequately designed and operating effectively
To support management during audits as well as implement and track management audit actions to closure
Provide management with status update reports as well as insight reporting across all the companies departments
Recruiter: talentCRU