Preferred Qualification

• B-degree in (Computer Science / Information Technology) (NQF level no.)
  
• CISSP / CISM / CEH or equivalent certification.
  

Preferred Experience

• At least 5 years technical experience.
  

Knowledge and Skills

• Proficiency with Linux and Windows operating systems
  
• Network monitoring
  
• Vulnerability Assessment and Penetration Testing
  
• Risk Assessment
  
• Incident Response
  
• Data Analysis and Reporting
  

Accountability – 60%

• Assessing the risks and exposures related to cybersecurity and aligning to the Bank’s risk appetite.
  
• Monitoring current and emerging risks and changes to laws and regulations for appropriate actions.
  
• Collaborating with stakeholders charged with safeguarding the information assets at Absa to ensure appropriate control design and configurations.
  
• Maintain comprehensive cyber risk registers: Key cybersecurity risks should be regularly identified and assessed. Risk identification should be forward looking and include the security incident handling.
  
• Ensure implementation of the cyber and information risk management strategy including cyber risk policies and standards.
  
• Safeguarding the confidentiality, integrity and availability of information asset and Technology platforms.
  
• Prepare Cyber Security Posture reports for submission to the various risk committees.
  
• Run the vulnerability management program to ensure vulnerabilities are identified, prioritized, and remediated on time.
  
• Engage with stakeholders across the Absa Group to motivate and drive remediation of vulnerabilities and identified issues.
  
• Engage with Project Management teams to ensure all new projects are security assessed and in line with the bank’s cyber security policies and standards.
  
• Coordinate penetration test, red team and audit engagements with both internal and external assessment teams.
  
• Respond to Cyber security incidents in coordination with the Group Incident Response and Forensics team.
  
• Report Cyber security incidents to the regulator as specified in the prudential guidelines.
  

Accountability - 20%

• Implement parameters to measure Cyber risks exposure.
  
• Monitoring adherence to cyber risks policy & standards to drive remediation measures.
  
• Reporting all cyber risks consistently and comprehensively to the senior leadership & relevant stakeholders to facilitate appropriate decisions.
  

Accountability- 10%

• Coordinate Cybersecurity awareness activities across the bank from strategic, technical, and general sensitization.
  
• Create Cybersecurity awareness circulars for customers.
  
• Coordinate cybersecurity awareness for the Board members.
  

Accountability - 10%

• Research on emerging cybercrime trends and gathering threats intelligence for onward sharing.
  
• Coordinate red team exercises.
  
• Coordinate penetration testing activities for new and existing applications and infrastructure.
  

Risk and Control objective

• Ensure that all activities and duties are carried out in full compliance with regulatory requirements, Enterprise-Wide Risk Management Framework and internal Absa Policies and Policy Standards.
  
• Understand and manage risks and risk events (incidents) relevant to the role.