IT Governance Administrator

The IT Governance Administrator will assist in identifying, defining and maintaining the information security policies and standards for the organisation. The IT Governance Administrator will work closely with all service lines to ensure compliance and implementation of audit controls.

Performance Objectives:

PO 1:
Risk Management

· Manages and tracks all internal and external (client) audit compliance requirements.

· Manages and coordinate internal and client risks.

· Ensures division complies to all mandated policies, laws, and audit requirements.

PO 2:
Operational Excellence

· Assist in Development of an ICT Governance and Compliance Framework

· Assist in Development and Management of an ICT Policy framework, including the Group Information Security Policy, and associated Security and Governance Policies;

· Assist in Development and implementation of a Data Classification and Data Leakage Strategy

· Assist in Development and implementation of the ICT Business Continuity and Disaster Recovery Strategy and associated plans, and ensuring alignment of the strategy to business requirements (Business Impact and Risk Analysis);

· Assist in Development, Management and Implementation of an ICT Security Strategy;

· Assist in Development and Implementation of Secure Configuration Standards for critical and identified technologies

· Assist in Development, Management and Implementation of an ICT Security Awareness campaign;

· Development and Management of an ICT Security Maturity plan;

Behavioral Competencies:

Essential

· Passion for all things security

· Ability to operate independently as well as in a team environment

· Excellent communication skills – verbal and written

· Excellent documentation skills

· Strong client focus

· Strong planning and organisational skills

· Able to maintain professional demeanour under stress

· Have a proactive approach

· Professionalism

· Able to manage time effectively and set priorities appropriately

Desirable

· Service management experience

· Be coachable

· Able to operate and engage with Stakeholders at a Senior Management level

Technical Competencies

Essential

· Knowledge of Application security controls

· Knowledge of operating system controls

· Knowledge of ICT infrastructure and security components

· Understanding of Cyber security controls

o Penetration Testing

o Vulnerability management

o Mitigation Controls

· Security information monitoring solutions

· Data Security Concepts and principles

· Knowledge of industry frameworks

o ITIL

o ISO
27001/2

o NIST

o CIS
20

o POPIA / GDPR

o GRC

· Understanding of ICT risk and Governance activities for all ICT service lines

· Understanding of POPI and GDPR regulations in relation to ICT

· PCI / POPIA / GDPR

· Forensic tools

· Knowledge disaster recovery

· Security awareness programmes

· PCI / POPIA / GDPR

· Forensic tools

· Knowledge disaster recovery

· Security awareness programmes

· PCI / POPIA / GDPR

· Forensic tools

· Knowledge disaster recovery

· Security awareness programmes

Desirable

PCI/ POPIA/ GDPR

Forensic Tools

Knowledge disaster recovery

Security awareness programs

Bachelor’s degree in information system 2-5 years experience.

ISO
27001 2-5 years experience

ITIL 2-5 years experience

POPIA / GDPR 1-3 years experience.

Governance Risk and Compliance 1-3 years experience

Special Requirements

· 2-5 Years work experience in a Governance role

· 2+ years in a similar role within an ICT organisation provisioning managed services