Reverside is an established IT services provider focusing on delivering high-quality software development, IT resourcing, digital transformation, and systems support solutions. We are always looking for skilled professionals to join our growing team and contribute to innovative technology projects across various industries.
We are seeking an experienced and highly skilled Cyber Security Senior Specialist to oversee and manage our cyber security initiatives within the financial services, insurance, and lending sector. The ideal candidate should have a deep understanding of cyber security practices and trends and possess the leadership skills necessary to guide a team of professionals in implementing and maintaining an effective and comprehensive cyber security program.
The senior specialist must be able to influence and broker conversations with executive-level stakeholders to address cyber risk in the financial services entity.
Key Accountabilities and Decision Ownership:
- Take a proactive approach to ongoing evaluation of cyber security policies to ensure security policy adherence related to business
- Support the development and guide a 3-to-5-year Cyber Security Strategy across the business
- Achieve and maintain a target Cyber Security Maturity level for the business divisions
- Build relevant Business Cases for key initiatives and existing planned cyber programmes.
- Design, Develop and Implement a Security Programme for the business divisions
- Ensure a Cyber Security Incident Response Practice is in place across the business entity.
- Promote awareness of security policies, training, and the governance strategy amongst all levels of divisions to ensure sound security governance is reflected across the entity
- Actively manage risks on the Cyber Risk Register from intake to resolution
- Communicate risk assessment findings with key stakeholders to develop and monitor risk remediation plan
- Conduct regular compliance assessments with the Business to ensure that current and emerging risks are being monitored and managed.
- Proactive Control design and implementation guidance provided to the Business
- Process and Control Compliance Monitoring and Reporting
- Management on the recommended actions
- Tracking and monitoring of audit remediation action implementation
- Design of status reports as well as insight reporting as and when required by Management.
- Lead reporting development with the use of automation and reporting tools to generate Cyber Risk metrics, i.e. KPIs, KRIs
- To provide Management with assurance covering controls across the business environments that they are adequately designed and operating effectively.
- To support Management during audits as well as implement and track Management audit actions to closure
- Provide Management with status update reports as well as insight reporting across all Business units
Core competencies, knowledge and experience:
- Degree/relevant tertiary qualification in Information Technology and a minimum of 8+ years of experience in a Cyber Security role where you meet business deliverables.
- At least 5+ years’ experience in cyber governance, risk, controls and compliance management in a technology environment
- At least 3 – 5 years’ experience in IT audit and assurance management in a Cyber or Technology environment
- Knowledge of common information technology management/compliance frameworks such as ISO/IEC 27001, SOC 2, SOX, ITIL, COBIT, and NIST.
- Knowledge of legal, regulatory and privacy requirements, such as Personally Identifiable Information (PII) Protection and Payment Card Industry (PCI)/Data Security Standard.
- High-level understanding and knowledge of Cloud Risk, Compliance and Assurance
- Proven experience managing and operating multiple security programs, projects, and initiatives
- A deep understanding of Tech Security risks and mitigating solutions
- GSM Network Infrastructure
- A diverse security background with knowledge in several areas, including: layered security architecture; internet protocols; firewalls; VPN technologies, IDS/IPS, network access control and network segmentation, anti-malware and spam technologies; risk and vulnerability assessments, and compliance.
- Security concepts related to DNS, routing, authentication, VPN, proxy services and DDoS mitigation technologies
- Windows, UNIX and Linux operating systems
- Web Security & Encryption
Must have technical / professional qualifications:
- Degree in Electrical Engineering, Computer Science, Information Technology, or equivalent technology-related degree.
- An industry certification e.g. ISO 27001 Lead practitioner, CGEIT, CRISC, CISA, CISM and CISSP/CCSP is strongly preferred.
Key performance indicators:
- Percentage of compliance with regulatory and compliance requirements for financial services, insurance, and lending entities within the organization
- Number of security incidents and response times for financial services, insurance, and lending entities within the organization
- Percentage of successful phishing simulations and cybersecurity awareness training completion rates for financial services, insurance, and lending entities within the organization
- Percentage reduction in cybersecurity risks and vulnerabilities for financial services, insurance, and lending entities within the organization
- Percentage of successful security audits and assessments for financial services, insurance, and lending entities within the organization