Cyber Security Specialist

Job Summary

To provide specialist advice & support in the development & implementation of IT security service delivery processes, methods and techniques enabling secure management & control of IT access, in alignment with governance requirements.

Job Description

Cyber Security Specialist

Job Purpose:

To drive IT Risk compliance which ultimately ensures that all the Bank’s management data, processes, risks and controls are effectively operating. Ensure that all cybersecurity activities and duties are carried out in full compliance with regulatory requirements, Enterprise wide Risk Management Framework and internal Absa Policies and Standards. Understand and manage cyber security risks and risk events.

Key Accountabilities

Accountability – 60%

Assessing the risks and exposures related to cybersecurity and aligning to the Bank’s risk appetite.
Monitoring current and emerging risks and changes to laws and regulations for appropriate actions.
Collaborating with stakeholders charged with safeguarding the information assets at Absa to ensure appropriate control design and configurations.
Maintain comprehensive cyber risk registers: Key cybersecurity risks should be regularly identified and assessed. Risk identification should be forward looking and include the security incident handling.
Ensure implementation of the cyber and information risk management strategy including cyber risk policies and standards.
Safeguarding the confidentiality, integrity and availability of information asset and Technology platforms.
Prepare Cyber Security Posture reports for submission to the various risk committees.
Run the vulnerability management program to ensure vulnerabilities are identified, prioritized, and remediated on time.
Engage with stakeholders across the Absa Group to motivate and drive remediation of vulnerabilities and identified issues.
Engage with Project Management teams to ensure all new projects are security assessed and in line with the bank’s cyber security policies and standards.
Coordinate penetration test, red team and audit engagements with both internal and external assessment teams.
Respond to Cyber security incidents in coordination with the Group Incident Response and Forensics team.
Report Cyber security incidents to the regulator as specified in the prudential guidelines.

Accountability – 20%

Implement parameters to measure Cyber risks exposure.
Monitoring adherence to cyber risks policy & standards to drive remediation measures.
Reporting all cyber risks consistently and comprehensively to the senior leadership & relevant stakeholders to facilitate appropriate decisions.

Accountability- 10%

Coordinate Cybersecurity awareness activities across the bank from strategic, technical, and general sensitization.
Create Cybersecurity awareness circulars for customers.
Coordinate cybersecurity awareness for the Board members.

Accountability – 10%

Research on emerging cybercrime trends and gathering threats intelligence for onward sharing.
Coordinate red team exercises.
Coordinate penetration testing activities for new and existing applications and infrastructure.

Risk and Control objective

Ensure that all activities and duties are carried out in full compliance with regulatory requirements, Enterprise-Wide Risk Management Framework and internal Absa Policies and Policy Standards.
Understand and manage risks and risk events (incidents) relevant to the role.

Preferred Qualification

B-degree in (Computer Science / Information Technology) (NQF level no.)
CISSP / CISM / CEH or equivalent certification.

Preferred Experience

At least 5 years technical experience.

Knowledge and Skills

Proficiency with Linux and Windows operating systems
Network monitoring
Vulnerability Assessment and Penetration Testing
Risk Assessment
Incident Response
Data Analysis and Reporting

Apply Through:

absa.wd3.myworkdayjobs.com