Head, Internal Audit - Information & Cyber Security (GIA)

Company Description

Standard Bank Group is a leading Africa-focused financial services group, and an innovative player on the global stage, that offers a variety of career-enhancing opportunities – plus the chance to work alongside some of the sector’s most talented, motivated professionals. Our clients range from individuals, to businesses of all sizes, high net worth families and large multinational corporates and institutions. We’re passionate about creating growth in Africa. Bringing true, meaningful value to our clients and the communities we serve and creating a real sense of purpose for you.

Job Description

To lead and review the audit process for Information and Cyber Security across the group in line with the Group Internal Audit strategy to provide independent and objective assurance and advice within a segment or area of expertise to ensure sustainable client centric management of risk across SBG.

• Contribute to the development and implementation of GIA's strategy and operating model by applying insights from the SBG strategy and operating model, business unit strategy and operating model, products, services, client-base and competitive environment, industry and wider developments, regulatory environment, business developments and changes, operations, risk management practices and global assurance practices
• Assess, identify and report on practices in the audit portfolio which negatively impact client experience and raise recommendations to improve client experience.
• Implement the people plan for the portfolio to attract, retain, develop, manage and lead people capable of delivering GIA's objectives. Monitor the effectiveness of the plan and provide regular feedback to inform further development and improvements to the plan.
• Contribute to the development of GIA's data strategy. Implement the strategy across the portfolio.
• Contribute to GIA's technology strategy and implementation. Apply insights on practical audit needs, and from leading technology developments in wider fields, in financial services, within SBG and in risk and assurance practices.

Qualifications

• Post Graduate Degree - IT/ Information Systems/Information Security (Min)
• CISA (Min)
• CISM (Preferred)
• CISSP (Preferred)
• Cloud Security certifications (AWS/Azure) (Preferred)

Additional Information

Experience Required

10 Years + Proven experience in IT Security and audit project management. Experience in building partnerships and engaging with multiple stakeholders at senior levels across the ecosystem. Experience in understanding and evaluating security controls across various technology platforms. Experience in leading large teams; Change management experience.

Behavioural & Technical Competencies

Making Decisions: This competency is about the pace at which individuals are prepared to make decisions, as well as their willingness to take responsibility for their decisions when under pressure. It also deals with the extent to which individuals are definite about their views and opinions.

Upholding Standards: Upholding Standards within the organisation is important for ensuring that high quality products and services are provided as well as for ensuring that trust is created and maintained. Individuals need to focus on developing proper and discreet behaviour and to honour their commitments in order to be effective at demonstrating this competency.

Developing Strategies: This competency includes facets of behaviour such as being visionary and establishing effective plans that take into consideration long-term aspects. This competency also includes the need for individuals to focus on identifying trends.

Internal Auditing: The ability to follow a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes in accordance with the IA professional standards to enhance and protect organisational value

Maintain IA Professional Practices: Knowledge of Internal Audit International Professional Practices and apply them to improve the audit methodology, and as a quality standard for audit engagement deliverables to ensure continuous improvement of the audit function.

IA Technology Application: The ability to utilise technology to source and analyse data that supports the internal audit process (risk assessments, full population testing) and drive visual presentation