Senior Manager - Security Governance & Technical Assurance

Responsible for embedding and maintaining technical security control requirements across the Equity network, infrastructure and systems.  Responsibilities include ensuring that appropriate security controls are implemented in the organization by continuously reviewing and updating the policies, operational technology and security processes and standards in alignment to the latest global threats, ensuring optimal performance of the services and identify control efficiencies in how security is operated across all domains. The incumbent will also perform continuous technical security assurance on all Technology service areas to ensure audit compliance and minimized risk exposure. 

Education:

• Minimum of 3 years tertiary qualification (degree/ national diploma) pr equivalent in Information Technology

• Security certification e.g. CISSP & CISM essential

• Other qualifications (ITIL, TMF, COBIT) advantage

• Fluent in English

Experience:

•  Min of 6 years in IT, 2 of which as an Information Security Senior Specialist or Manager in a large enterprise environment essential

• Experience in Banking or Telco industry advantageous

•  Experience should ideally span multiple security domains ranging from security risk and governance, Data Loss Prevention, Authentication, Malware, Network Security, Applications and Operations Systems and Security across platform / database /network

•  Must have a wide breadth of knowledge and experience across security products, tools, and industry trends

• Knowledge of current security risks and protocols as well as good working knowledge of technical risk management and assessments

• Ability to interact with a broad cross-section of personnel to explain and enforce security measures

• Ability to maintain a high level of discretion and personal integrity in the exercise of duties, including the ability to professionally address confidential matters

• Expert knowledge of regulatory compliance requirements (PCI-DSS, ISO 27001, GDPR, etc.)

• Excellent written and verbal communication skills as well as business acumen and a commercial outlook

• Good analytic and problem-solving skills

• Ability to work under pressure, as well as the ability to take independent initiative when needed.

Training:

• Security certification courses

• Microsoft certifications

• Systems/Database/Network administration training

• Some training on Oracle, SUN Solaris and Linux is also required

• Training on any scripting language

• IP network related training

• Cloud security training

• Architect and design certifications