Head: Cybersecurity Governance, Risk and Reporting

Empowering Africa’s tomorrow, together…one story at a time

With over 100 years of rich history and strongly positioned as a local bank with regional and international expertise, a career with our family offers the opportunity to be part of this exciting growth journey, to reset our future and shape our destiny as a proudly African group.

To develop a functional risk and securities operating model and framework in a broadly defined business functional strategy; enabling horizontal alignment, implementation and adoption.

The successful candidate will be a senior member of the Converged Security Office (CSO) with accountability for First Line Cybersecurity Governance, Risk, Compliance Oversight and Executive Reporting for the Chief Security Office specifically pertaining to cybersecurity risks. The role is responsible for defining, embedding and overseeing Cyber Security risks ensuring alignment with Group policies, regulatory expectations and Board-approved risk appetite.

The primary function of the role is to provide leadership and assurance that Absa operates within approved cybersecurity risk tolerances, maintains strong governance disciplines, and delivers accurate, timely and decision‑enabling cybersecurity risk reporting to Executive Management. Additionally, the role provides oversight and challenge to in‑country, ARO and Group stakeholders, ensuring consistent governance practices and effective cybersecurity risk management outcomes.

The role is accountable for delivery across the following areas:

• Cybersecurity governance, risk and control oversight
• Enterprise cybersecurity risk and compliance reporting to Executive, Board and Regulators as and when required
• Cybersecurity first line risk insight and decision support
• Culture, capability and maturity uplift across cybersecurity governance and reporting disciplines

• Provide leadership and direction for Cybersecurity Governance, Risk and Control Management across Cyber Security first line risk
• Define and maintain enterprise cybersecurity governance frameworks aligned to Group standards and regulatory requirements
• Act as a senior custodian of first line cybersecurity risk governance, ensuring effective oversight, challenge and escalation of material risks
• Provide independent, informed cybersecurity risk insight and advice to Executive Management and Board Committees
• Ensure consistent cybersecurity governance practices across in‑country, ARO and Group operating models

• Own and oversee the design, quality and integrity of executive‑level cybersecurity reporting
• Ensure delivery of accurate, timely and forward‑looking cybersecurity risk reporting to Executive Committees, Board Committees and Regulators as and when required
• Translate complex cybersecurity risk, control and technical information into clear executive narratives and insights
  
  Ensure cybersecurity risk reporting supports decision‑making, risk appetite monitoring and strategic prioritisation
• Oversee continuous improvement of reporting automation, dashboards and analytics

• Oversee enterprise‑wide risk assessments across Cyber Security risk
• Ensure cybersecurity key risk indicators (KRIs) and control metrics are defined, monitored and acted upon
• Provide executive challenge on risk acceptance, remediation prioritisation and control effectiveness
• Ensure alignment between risk assessments, audit outcomes and remediation plans

• Champion a strong cybersecurity governance, risk and accountability culture across Absa
• Design executive and senior‑leader risk awareness initiatives
• Build and develop high‑performing cybersecurity governance and reporting team
• Drive capability uplift and maturity improvement across cybersecurity risk and reporting disciplines

Ensure all activities and accountabilities are executed in full compliance with:

• Regulatory requirements
• Enterprise‑Wide Risk Management Framework
• Group and Absa internal policies and standards

Ensure effective identification, management and…