Head, Internal Audit - Information & Cyber Security at Standard Bank Group

Job Description

To lead and review the audit process for Information and Cyber Security across the group in line with the Group Internal Audit strategy to provide independent and objective assurance and advice within a segment or area of expertise to ensure sustainable client centric management of risk across SBG.

• Contribute to the development and implementation of GIA's strategy and operating model by applying insights from the SBG strategy and operating model, business unit strategy and operating model, products, services, client-base and competitive environment, industry and wider developments, regulatory environment, business developments and changes, operations, risk management practices and global assurance practices
• Assess, identify and report on practices in the audit portfolio which negatively impact client experience and raise recommendations to improve client experience.
• Implement the people plan for the portfolio to attract, retain, develop, manage and lead people capable of delivering GIA's objectives. Monitor the effectiveness of the plan and provide regular feedback to inform further development and improvements to the plan.
• Contribute to the development of GIA's data strategy. Implement the strategy across the portfolio.
• Contribute to GIA's technology strategy and implementation. Apply insights on practical audit needs, and from leading technology developments in wider fields, in financial services, within SBG and in risk and assurance practices.

Qualifications

• Post Graduate Degree - IT/ Information Systems/Information Security (Min)
• CISA (Min)
• CISM (Preferred)
• CISSP (Preferred)
• Cloud Security certifications (AWS/Azure) (Preferred)

Additional Information

Experience Required

10 Years + Proven experience in IT Security and audit project management. Experience in building partnerships and engaging with multiple stakeholders at senior levels across the ecosystem. Experience in understanding and evaluating security controls across various technology platforms. Experience in leading large teams; Change management experience.

Behavioural & Technical Competencies

• Making Decisions: This competency is about the pace at which individuals are prepared to make decisions, as well as their willingness to take responsibility for their decisions when under pressure. It also deals with the extent to which individuals are definite about their views and opinions.
• Upholding Standards: Upholding Standards within the organisation is important for ensuring that high quality products and services are provided as well as for ensuring that trust is created and maintained. Individuals need to focus on developing proper and discreet behaviour and to honour their commitments in order to be effective at demonstrating this competency.
• Developing Strategies: This competency includes facets of behaviour such as being visionary and establishing effective plans that take into consideration long-term aspects. This competency also includes the need for individuals to focus on identifying trends.
• Internal Auditing: The ability to follow a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes in accordance with the IA professional standards to enhance and protect organisational value
• Maintain IA Professional Practices: Knowledge of Internal Audit International Professional Practices and apply them to improve the audit methodology, and as a quality standard for audit engagement deliverables to ensure continuous improvement of the audit function.
• IA Technology Application: The ability to utilise technology to source and analyse data that supports the internal audit process (risk assessments, full population testing) and drive visual presentation