REPORTING RELATIONSHIPS
Risk Management
Internal Audit
Divisional Heads
All Staff
FUNCTIONAL COMPETENCIES
Responsible for assurance over enterprise security and security operations as well as operational compliance
to all ISO and related standards and regulations.
Lead the planning and execution of information security assurance, under the directives of the Chief
Information Security Officer.
Lead the creation and maintenance of information security policies, standards, and baselines.
Build awareness of new and evolving IT risks across the business and implement appropriate systems and
processes which ensure that information risks are detected early and proactively managed with timely
remediation when undesired events occur.
Lead the identification of Key Risk Indicators (KRIs) across the business based on up-to-date situational
analyses and trends and drive effective risk oversight by providing timely and relevant information on KRIs.
Plan and execute quarterly Information Security audits, complete with detailed findings and remediation
follow-ups.
Implement and maintain compliance with relevant standards e.g. ISO27001, NIST, CIS, etc.
Liaise with Risk Management, Internal Audit, and other relevant functions across the business to ensure that
all risk registers and compliance-related documentation are up to date in line with the overall enterprise risk
management approach.
Conduct continuous risk assessments and business impact analyses for new and existing solutions.
Stay informed of all IT risks before they are highlighted by Audit or 3rd-parties. Ensure closure of open audit
items.
Aggregate information to identify operational control weaknesses and build a risk management dashboard
that is refreshed and published periodically.
Special and Other Duties
Prepare various reports for management decision making.
Experience and Qualifications Required
Bachelor’s and/or Advanced degree in Computer Science or any related disciplines.