Job Purpose:
Our purpose is transforming lives, giving dignity,
and expanding opportunities for wealth creation.
The Senior Manager – Cybersecurity Audits and
Advisory is responsible for leading cybersecurity audit and
advisory assignments across the Group. This role oversees the planning,
execution, and reporting of cybersecurity audits, as well as providing
strategic advisory services to enhance the organization’s cybersecurity posture
and align with industry best practices.
Reports to Group Head of Audit – Technology, Digital
and Data Analytics.
Job Responsibilities:
Cybersecurity Audit Planning and Execution:
- Assist in developing and executing the annual internal plan
with specific responsibility for cybersecurity audits.
- Lead and coordinate cybersecurity audits across the Group,
ensuring consistency in audit methodologies and standards.
- Evaluate the design and operating effectiveness of
cybersecurity controls, access management, network security, data
protection, and incident response.
- Assess compliance with relevant cybersecurity regulations,
industry standards, and internal policies.
Cybersecurity Advisory Services:
- Provide strategic advice and recommendations to enhance the
Group’s cybersecurity controls, risk management practices, and
overall security posture.
- Conduct cybersecurity assessments, gap analyses, and maturity
evaluations to identify improvement opportunities.
- Advise on the implementation of cybersecurity frameworks,
standards, and best practices across the organization.
- Support the development and review of cybersecurity policies,
procedures, and guidelines.
- Provide relevant assurance and advisory services in select IT
projects.
Audit Team Management:
- Manage and mentor a team of cybersecurity auditors and
advisors, providing guidance, training, and professional development
opportunities.
- Assign audit and advisory resources effectively across the
Group’s entities and ensure adherence to timelines and budgets.
- Foster collaboration and knowledge-sharing among the
cybersecurity teams across different locations.
Reporting and Communication:
- Prepare comprehensive audit reports and advisory deliverables
detailing findings, risks, and recommendations.
- Present audit results, advisory recommendations, and strategic
insights to senior management, CISO, and relevant stakeholders.
- Collaborate with local IT audit teams, cybersecurity function,
and business units to ensure effective communication and alignment.
- Provide strategic level advisory through communication of key
themes, insights and foresights to senior management and the Board.
Stakeholder Management:
- Liaise with relevant stakeholders, including IT managers,
business unit leaders, and regulatory authorities, to understand their
expectations and requirements.
- Foster positive relationships with internal and external
stakeholders, promoting transparency and trust in the audit and advisory
processes.
Continuous Improvement and Thought Leadership:
- Stay updated with emerging cybersecurity threats, regulatory
changes, and industry best practices, and incorporate them into the audit
and advisory programs.
- Contribute to the development of cybersecurity strategies,
frameworks, and methodologies within the organization.
Qualifications
- Bachelor’s Degree in Computer Science, Information Technology
or a related field from a recognized university.
- Professional cyber security certifications such as OSCP, CCIE
Security, LPT or equivalent cybersecurity certifications.
- Minimum of 8+ years of experience in cybersecurity auditing,
IT audit, IT security, risk management, advisory services, or related
roles, with a focus on the financial services industry.
Competencies:
- Proficiency in the use of penetration testing and
vulnerability assessment tools and in conducting ethical hacking
assignments.
- Proven ability to lead and manage teams of cybersecurity
professionals.
- Strong understanding of cybersecurity frameworks, standards,
and regulations (e.g., NIST, ISO, PCI-DSS).
- Analytical and problem-solving skills to identify and address
complex cybersecurity risks and provide actionable solutions.
- Excellent communication and interpersonal skills for
effectively presenting findings, recommendations, and strategic
insights to stakeholders at all levels.
- Ability to travel domestically and internationally as
required.
- Results orientation
- High integrity and strength of character
How To Apply
