Information Security Governance Manager
S-RM
Date: 2 days ago
City: Cape Town, Western Cape
Contract type: Full time
S-RM is a global intelligence and cyber security consultancy. Since 2005, we've helped some of the most sophisticated clients in the world solve some of their toughest challenges.
We've been able to do this because of our outstanding people. We're committed to developing bright, curious, driven individuals who want to think critically, solve complex problems, and achieve success.
But we also know that work isn't everything, It's about the lives and careers it helps us build. We're immensely proud of this culture and we invest in our people's wellbeing, learning, and ideas every day.
WORKING IN INFOSEC AT S-RM
As Information Security Governance Manager you'll be responsible for:
Our Benefits
We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside it, this includes but is not exhaustive of:
We've been able to do this because of our outstanding people. We're committed to developing bright, curious, driven individuals who want to think critically, solve complex problems, and achieve success.
But we also know that work isn't everything, It's about the lives and careers it helps us build. We're immensely proud of this culture and we invest in our people's wellbeing, learning, and ideas every day.
WORKING IN INFOSEC AT S-RM
As Information Security Governance Manager you'll be responsible for:
- Building and delivering KPIs presentations to senior leadership and heads of departments.
- Working with Technology Operations to deploy companywide phishing tests, track and report on the results.
- Deploy company-wide security awareness training using company approved training platform and contribute to the evaluation of effectiveness of the selected training platform.
- Coordinate team effort in the investigation and containment activities in the internal incident response team.
- Maintaining and monitoring SOPs.
- Manage exceptions to organisation-wide security policies.
- Lead and complete assurance on technical security controls and technical design on both new and existing solutions in the application portfolio. Subsequently work with the business to close out identified gaps identified as part of the assurance process.
- Consult the rest of the business and represent Information Security in key forums, e.g. Project teams, Executive Committee, DevOps, IT Operations, Risk and Compliance and Legal to ensure that security standards are met and adhered to.
- Manage the supplier evaluation process and action findings identified from the process for RFP/RFIs requested from the business and internal supplier evaluation requirements.
- Coordinate the delivery of companies Incident Response and Disaster Recovery tabletop exercises and planned failover tests.
- Provide input to organisational risk registers, based on knowledge of current and emerging information security risk and known vulnerabilities within existing controls.
- Build and maintain positive stakeholder relationships at all levels of the organisation as well as with key external stakeholders (including clients, certification bodies and external consultants).
- Develop the roadmap of InfoSec projects, drive the delivery of the roadmap and track completion progress.
- Provide input in InfoSec budget planning, covering investment in BAU as well as InfoSec project work.
- Develop and implement and support in the maintenance of organisation-wide security policies and processes that are aligned with ISO27001:2022, CIS and NIST frameworks.
- Managing internal and external audit programmes and maintenance of established frameworks such as ISO27001 and Cyber Essentials and other frameworks where required.
- Manage remediation process following external audits and internal security assessments. Includes coordination of pentest findings, vuln scan findings and CIS benchmark reviews but does not involve implementation of the fixes.
Our Benefits
We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside it, this includes but is not exhaustive of:
- 23 days holiday per year in addition to public holidays (+1 day for every year of service up to a maximum of 30 days in total);
- Hybrid working and flexible working hours;
- Matching pension contribution up to 7% (up to a maximum of 14% combined), and financial education;
- Life Insurance 4X annual salary.
- Fertility treatment leave – 5 days of leave per cycle of treatment per year;
- Maternity leave – 26 weeks of full pay followed by 13 weeks of half pay;
- Paternity leave – 6 weeks of full pay.
- Medical Aid (taxable benefit) for you and your immediate family
- EAP program for you and your immediate family;
- Free access to the world-famous mindfulness app.
See more jobs in Cape Town, Western Cape