Job description
- Location:Sandton
- Employee Type:Permanent
- Department:IT - Information Security
- Division:Central Services
Security Governance Analyst (Info Sec) (11765)
Description
We are seeking a highly motivated and detail-oriented Security Governance Analyst to join our Information Security team. The ideal candidate will be responsible for developing, implementing, and maintaining security governance frameworks and policies that align with industry standards and regulatory requirements. You will play a critical role in ensuring that our organisation's information assets are protected and that we adhere to best practices in security governance.
Key Responsibilities:
• Develop, implement, and maintain security governance frameworks, policies, and procedures to ensure compliance with relevant laws, regulations, and standards (e.g., ISO 27001, GDPR, NIST).
• Coordinate and assist in completion of various security controls assessments of information security capabilities to ensure that IT controls are compliant with regulations
• Collaborate with various departments to ensure that security governance policies are effectively communicated and integrated into business processes.
• Assist in reporting on the organisation's compliance using defined metrics in relation to security policies and procedures, providing recommendations for remediation where necessary.
• Assist in the implementation of governance related security projects in line with the Group Security Strategy and that address identified risks and business security requirements
• Participate in the overall technology risk management process to provide feedback on security risks, mitigations and tactical and strategic remediation around risk issues
• Serve as a point of contact for security governance-related inquiries and provide guidance to stakeholders
• Assist in the preparation of security governance reports for presentation to senior management and relevant committees
• Research emerging security threats, trends, and technologies to inform governance strategies and initiatives.
• Be a part of programs to promote a culture of security within the organisation.
Experience, skill and capability
• Bachelor's degree in Information Security, Cybersecurity, Computer Science, or a related field.
• Minimum of 4 years of experience in information security governance, risk management or compliance with information and cyber security focus.
• Strong understanding of security frameworks, security controls, regulations, and standards.
• Relevant certifications (e.g., CISM, CISSP, CRISC).
• Excellent analytical and problem-solving skills with a keen attention to detail.
• Strong verbal and written communication and presentation delivery skills, with the ability to deliver complex information clearly to a variety of audiences.
• Proven ability to work collaboratively in a team-oriented environment and manage multiple priorities effectively.
The Investec Culture
At Investec we look for intelligent, energetic people filled with passion, integrity and curiosity. We value individuals who in turn value our culture that is, a flexible attitude comfortable to live with ambiguity and willing to challenge the status quo. Diversity, talent and leadership are respected in pursuit of the growth of our business. People who can manage themselves and build strong relationships in order to get things done, will perform in out of the ordinary ways in our environment.
We are committed to diversity and inclusion when recruiting internally and externally.
We commit to ensure that everyone is fairly assessed during our recruitment process.
Let us know if you need any reasonable adjustments to complete your application.