Job Description: Responsibilities, Qualifications, and Necessary Skills
IT / Telecom Jobs In South Africa 2024Jobs In South Africa 2024
A Must Read Article: 10 checks to identify fraudulent or scam job offers
Click here to join us on Telegram
1. Patiently scroll down and read the job description below.
2. Scroll down and find how to apply or mode of application for this job after the job description.
3. Carefully follow the instructions on how to apply.
4. Always apply for a job by attaching CV with a Cover Letter / Application Letter.
Coca-Cola Beverages Africa (CCBA) presents an exciting opportunity for an experienced IT Security Assurance Specialist, to join the CCBA Information Technology team. The successful applicant will be reporting into the Governance, Risk and Compliance Manager. This is a senior specialist level position in the IT Risk and Compliance Team and plays an important role in ensuring the safety of CCBA’s information technology hardware, software, and data by using audits and security assessments to proactively identify and address risks in the environment.
The applicant may reside in any of the CCBA footprints of countries: South Africa, Ethiopia, Kenya, Uganda, Tanzania, Ghana, Mozambique, Botswana, Namibia & Zambia. Coca-Cola Beverages Africa is the largest African Coca-Cola bottler, accounting for 40 percent of all Coca-Cola volumes on the continent.
CCBA is a NARTD market leader in Africa. CCBA has an extensive footprint in Africa, employing over 16 000 employees. CCBA vision is to Refresh Africa every day and make the continent a better place for all, growing successfully as business and creating a better-shared future for our people, customers, consumers, communities, planet and shareholders.
ADVERTISEMENT
CONTINUE READING BELOW
The IT Security Assurance Specialist provides assurance for confidentiality, integrity, and availability of CCBA’s information and information systems. This employee leads the planning and scheduling of a variety of internal and external security assessments so that the organisation can proactively ensure that any potential risks are identified and addressed.
The regular, professional, and efficient coordination and management of these security assessments assure business leaders and users that their online environment and data is adequately protected.
The IT Security Assurance Specialist establishes relationships between second and third lines of defense that is management and independent assessors. This employee also ensures that all IT continuity and disaster recovery plans, processes and approaches adhere to internal security standards.
Key Duties & Responsibilities
- Consulting with senior IT leaders and IT security colleagues to determine the requirements for internal security assessments.
- Creating an annual plan and schedule of planned internal security assessments. Scheduling the internal security assessments for new and existing key IT systems, processes and technologies including applications, databases, data centres and infrastructure.
- Developing and performing IT risk assessments on new and existing key IT systems, processes or technologies including applications, databases, data centres and infrastructure.
- Collaborating with other members of the Governance team to identify providers of independent security assessments and to contract them to deliver the services.
ADVERTISEMENT
CONTINUE READING BELOW
- Facilitating the scheduled annual audit process, including ensuring that assessments are completed in a timely manner.
- Facilitating the IT management response process and action plans related to internal and or external audit findings and self-reported risks.
- Ensuring that remedial actions from security assessments and audit assessments are acted upon in a timely manner.
- Providing management with timely and accurate report about status and progress of the risk audit process and the remediation thereof.
- Acting as the IT liaison with enterprise risk and compliance management functions with regards to business continuity management.
- Defining and developing the CCBA IT disaster recovery plans and ensuring that these plans remain up to date.
- Ensuring that business impact analysis is periodically performed for every running application in the environment and mapped to required continuity controls.
- Sharing information on disaster recovery with all relevant stakeholders and ensuring that they are trained and prepared for any disaster.
- Continuously researching and reading relevant material to understand changes in the broader cyber environment which may result in risk.
- Contributing to the preparation, review, and implementation and updating of risk and compliance policies, controls, and guidelines.
- Providing oversight and support on ongoing red-team exercises carried out by the Security Operations colleagues for identification of the evolving threat-and-risk landscape.
- Lead implementation of cyber risks technologies such as honeypots, to closely understand the threats targeting CCBA.
- Planning milestones for deliverables and deployment and creating a plan that visualise the timeline.
- Meeting regularly with senior-level business stakeholders to identify, agree and understand dynamic changes to their business unit and functional strategies.
- Meeting regularly with risk management and business continuity colleagues in the rest of the business to discuss and agree on organisational integrated risk management and to ensure comprehensive and effective business continuity plans are in place.
- Preparing and delivering updates and reports as required by executive management and the business.
- Supporting team members and collaborating by clearly communicating expectations, progress, constraints, and resolutions.
- Supporting internal improvement initiatives within the IT department to ensure continuous business improvement.
Skills, Experience & Education
Qualifications:
- Bachelors Degree in Computer Science, Information Systems or related Post Graduate qualification in Computer Auditing advantageous Certifications (at least one of the following):
- CRISC (Certified in Risk and Information Systems Control)
- CISA (Certified Information Systems Auditor)
- CISSP (Certified Information Systems Security Professional)
- CISM (Certified Information Security Manager)
ADVERTISEMENT
CONTINUE READING BELOW
- Other certifications:
-
- COBIT5 Implementation
- COBIT5 Assessor
- Certified in Governance, Risk and Compliance (CGRC)
- Certified in the Governance of Enterprise IT (CGEIT)
- BCS IT Governance & InfoSec Basis Practitioner
- Ethical Hacking
- ITIL V4 Managing Professional
- Relevant vendor/equipment specific certification
Experience
- 10 to 12 years of general work experience with at least 5 years relevant experience in governance, risk, and compliance.
RELATED JOBS >> CLICK A JOB BELOW TO VIEW & APPLY
Jobs Live Job Widget
Display job vacancies in South Africa on your website or blog for FREE!!
Disclaimer
- Do not pay any fee to any Recruiter.
- The Recruiter may amend, delete or expire jobs at any time without notification.
- The Recruiter reserves the right not to proceed with filling the position.
- An application will not in itself entitle the applicant to an interview.