Information Security Analyst III
Johannesburg, ZA
Nedbank
Get a financial partner who will help, guide and support you on your personal journey.Job Classification
- REQ: 131922 - Refilwe Falatsi
- Closing Date: 15 March 2024
- Division: Wealth Centre | Risk
- Employment Equity Statement: Preference will be given to Individuals from Underrepresented Groups.
Job Family
Information TechnologyCareer Stream
It RiskLeadership Pipeline
Manage Self: ExpertFAIS Affected
Job Purpose
To collaboratively perform in-depth analysis with stakeholders on complex information security issues and provide optimum solutions which meet both business and technical requirements while aligning with the information security strategy. To support the Wealth cluster in the implementation and execution of the cyber resilience risk management framework that includes monitoring of cyber risk, cyber security program, policies, standards, reporting of all cluster-specific cyber security program elements, and regulatory matters as it relates to cyber security.
Job Responsibilities
- Build and maintain professional relationships by information sharing and professional networking within the bank.
- Build and maintain internal stakeholder relationships through collaboration with stakeholders and regular communication via various media.
- Drive compliance with security policies and standards on cluster infrastructure.
- Primary interface between the cluster and CISO office.
- Represent business as an information security representative on the CRC.
- Ensure alignment and implementation of CRRMF in clusters.
- Report of all cluster-specific information security program elements.
- Actively executes the cyber security program elements and other information and cyber security plans developed by the business.
- Assist the cluster with the identification of critical assets (“crown jewels”) and feed that back into the business impact analysis and risk management processes.
- Work with the business to develop processes and procedures to ensure information security policies and standards are integrated; and
- Assist with third-party supplier information and cyber security risk assessments and assurance.
- Assist business with incident management related to cyber and/or privacy incidents.
- Conclude cyber / privacy impact assessment on new business initiatives.
- Build and maintain professional relationships by information sharing and professional networking within the bank.
- Provide input into the negotiation process with vendors for new and existing technologies and services.
- Contribute to a culture of transformation by participating in Nedbank culture building initiatives, business strategy, and CSI.
- Stay abreast of developments in field of expertise, ensuring personal and professional growth.
- Understand and embrace the Nedbank vision and values, leading by example.
- Seek opportunities to improve business processes, models and systems.
- Participate in Research and Development related to specific Information Security Technology.
- Participate in proof of technology and proof of concept.
- Identify and set selection criteria for new products.
- Participate in the implementation and hand over of new products as provided in the selection criteria.
- Keep abreast of information security policies, rules, standards and processes, procedures and practices, as well as business rules, introducing new industry concepts to information security.
- Create and review all relevant processes and procedures mindful of current policies and standards.
- Create, maintain and review information security standards.
- Oversee and monitor environment per set standards.
- Review and contribute to project documentation.
- Mitigate risks. Implement specific Information security technologies. Gain further exposure and experience on multiple technologies.
- Log, submit and implement low, medium and high risk security changes independently.
- Provide guidance and supervision to Administrators and other analysts on implementation and changes.
- Oversee and ensure change was success.
- Support the achievement of the business strategy, objectives and values.
- Enable skilling and required corrective action to take place by sharing knowledge and industry trends with team.
- Provide technical mentoring both to Individual and specialist development projects.
People Specification
Essential Qualifications - NQF Level
- Professional Qualifications/Honour’s Degree
Preferred Qualification
Degree in IT / Computer Science / Informatics
Preferred Certifications
- Certified Information Security Manager (CISM)
- Privacy Related Certificate (s)
- Certified in Risk and Information Systems Control (CRISC)
Minimum Experience Level
- 4 - 7 years in Information Security Experience
- Exposure in Risk Management Monitoring
- Data Reporting Analytics experience
Technical / Professional Knowledge
- Administrative procedures and systems
- Banking knowledge
- Data analysis
- Governance, Risk and Controls
- Microsoft Office
- Principles of project management
- Relevant regulatory knowledge
- Relevant software and systems knowledge
- Business writing skills
- Information Security Threats and Attact vectors
- Cluster Specific Operational Knowledge
- System Development Life cycle(SDLC)
- TCP/IP
- Information Security terms and definitions
- Basic computer concepts
- Relevant Operating System
- Information Security policies and procedures
- Vendor Management Principles
Behavioural Competencies
- Coaching
- Collaborating
- Decision Making
- Influencing
- Innovation
- Technical/Professional Knowledge and Skills
---------------------------------------------------------------------------------------
Please contact the Nedbank Recruiting Team at +27 860 555 566
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Analytics Banking CISM CISO Compliance Computer Science CRISC Governance Monitoring Privacy Risk assessment Risk management RMF SDLC Security strategy Strategy TCP/IP Vendor management
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs