Cyber Assurance Consultant - BSTD at South African Reserve Bank

Brief description

The main purpose of this position is to provide cyber and information security (CIS) assurance to the South African Reserve Bank (SARB) Group through the oversight of third-party relationships and system development activities. 

Detailed description

The successful candidate will be responsible for the following key performance areas:

• Plan and coordinate third-party, product and project CIS assessments across the SARB Group, considering the changing threat landscape and initiatives.
• Define the security requirements to be incorporated in the overall assurance approach for third parties and new solutions.
• Develop a standard approach to ensure the SARB executes its responsibilities in assuring the security of third parties and new solutions.
• Develop and maintain the security elements within the system development life cycle (SDLC) and third-party security assurance methodologies to ensure that CIS threats are managed.
• Manage third-party relationships in the provision of CIS assurance to the SARB Group.
• Ensure third-party providers and system development activities comply with the required governance requirements, in a way that ensures that CIS is maintained. 
• Take responsibility to ensure industry practices and changes are maintained and incorporated in own functional area.
• Provide reporting on the CIS assurance status of third-party and systems development.
• Engage with stakeholders across the SARB Group at different levels of seniority, displaying the ability to solicit information as well as convey and explain information fluently.

QUALIFICATIONS

Job requirements

To be considered for this position, candidates must be in possession of:

• a minimum of a Bachelor’s degree (NQF 7) in Security or Information Technology, or an equivalent qualification;  
• a cyber security certification (would be an added advantage); and
• a minimum of five to seven years of experience in an information technology environment, of which two years should be within a CIS environment.

Additional requirements include:

• knowledge of third-party supplier management;
• knowledge of leading cyber security best practice;
• understanding and knowledge of relevant legislation;
• understanding of information technology trends;
• service and stakeholder focus;
• effective communication skills;
• impact and influence; 
• drive for results;
• problem-solving and analytical skills;
• ability to work in a team;
• planning and organising skills;
• developing and managing relationships;
• conceptual thinking; and
• resilience.