Senior Audit Manager : Cyber
Senior Audit Manager : Cyber
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Requisition Details & Talent Acquisition Consultant
REQ 141632 Thembi Mtshali
Location Johannesburg
Job Family
Career Stream
Leadership Pipeline
Job Purpose
To provide strategic leadership and guidance to teams by providing independent assurance of the control environment to the Nedbank Group Audit Committee and ensuring effective risk management practices are implemented across Nedbank..
Purpose OF GIA
The purpose of GIA is to provide independent objective assurance to the Nedbank Group Limited Board of Directors via the Group Audit Committee (GAC) that the governance processes management of risk and systems of internal control are adequate and effective to mitigate the risks (in line with GIA Methodology) both current and emerging that threaten the achievement of the Groups strategy and key objectives and in so doing help improve the internal control and risk culture of the Group.
GIA receives its authority from the GAC which is a committee of the Board of Nedbank Group Limited established to among other things review the work of Internal Audit of Nedbank Group Limited and its subsidiaries (the Group).
Job Responsibilities
The Senior Audit Manager Cyber in the discharge of his / her duties shall be responsible inter alia to the Nedbank Group CIA / Portfolio Executive / s to:
Support the periodic assessments of the outcomes of internal audit work to appropriate governing bodies including the GAC Board Risk Committee Executive IT Committee (EITCO) and Group IT Committee (GITCO);
Report on the overall effectiveness of the governance risk and internal control framework of the Group;
Comply with regulatory and corporate governance expectations of the internal audit functions;
Report significant Cyber issues related to the processes for controlling the activities of the Group including potential improvements to those processes;
Report periodically on the progress of the Cyber audit plan delivery;
Have in place a robust process to follow-up on managements agreed actions to address Cyber issues raised by GIA;
Responsible for the delivery and measurable performance of their respective Cyber portfolio including audit plan delivery;
Apply judgement to provide an overall audit opinion on the Cyber system of internal controls of the Group;
Provide insights from the outcomes of internal Cyber audit work to appropriate governing bodies;
Maintain an open and constructive relationship as a Trusted Advisor with senior internal and external stakeholders including Institute of Internal Audit SARB External Audit and Business Executives;
Implement effective and efficient audit processes to ensure that audit processes are optimized and comply with the relevant governance expectations of internal audit functions;
Develop and maintain relationships with business and key stakeholders to ensure robustness and completeness of audit coverage and contribute at an insight generator / trusted advisor to business to enhance assurance provided over the control environment;
Contribute to the development of a 12-month rolling audit plan (including Cyber) using a risk-based methodology taking into consideration specific business strategic focus areas regulatory requirements pertaining to internal audit as well as including any risks or control concerns identified by management the GAC and the Board;
Deliver and report on the rolling Cyber risk-based internal audit plan;
Allocate audit resources in accordance with the Cyber risk profile for the responsible clusters and ensure the effective and efficient use of these resources in accordance with approved budgets;
Have a robust process in place to follow-up and report on managements progress in implementing agreed actions to address Cyber issues identified by GIA; and
Maintain an open and constructive relationship with the CIA GIA HoA: Digital & Technology Business executives and key stakeholders by providing value added services and sharing information.
Essential Qualifications - NQF Level
- Advanced Diplomas/National 1st Degrees
Preferred Qualification
Minimum required qualification: Commercial or related degree;
Advanced certifications diplomas professional certifications advanced degrees in Cyber or information security - examples include:
CISM (Certified Information Security Manager)
CISSP (Certified Information Systems Security Professional)
ISMP (Information Security Management Principles)
CCSP (Certified Cloud Security Professional)
Certified Ethical Hacker (CEH) EC Council
OSCP Offensive Security Certified Professional
ISO27001 Lead Auditor/Implementer Certificate
SABSA Chartered Security Architect
(TOGAF) The Open Group Architecture Framework
Cisco Unity Systems Engineer
ITIL IT Infrastructure Library Foundation
and/or or suitable hands-on or product specific (e.g. Microsoft Azure Amazon AWS etc.) experience is required.
Minimum Experience Level
8 10 years financial services experience in a senior position;
Cyber experience in a Banking institute and / or cyber consultancy;
Ability to operate at a Senior level; and
Leadership experience leading teams.
Technical / Professional Knowledge
- Accounting standards
- Change management
- Financial Accounting Principles
- Governance Risk and Controls
- Principles of project management
- Relevant regulatory knowledge
- Risk management process and frameworks
- Strategic planning
- Institute of Internal Auditors standards
- Code of Ethics
Behavioural Competencies
- Building Partnerships
- Earning Trust
- Coaching
- Communication
- Driving for Results
Please contact the Nedbank Recruiting Team at
Required Experience:
Manager
Employment Type
Full Time
