Specialist IT Security & Information Risk Management at T2 (Formerly 9Mobile)

Job Summary        

Has responsibility for the management of IT-related internal audit findings to closure and supporting the Manager, IT Risk in identifying and managing IT and Privacy risks whilst ensuring compliance with regulations, policies and processes.

Principal Functions        

• Proactively track remediation of IT Security audit findings for prompt closure
• Act as the day-to-day primary contact for EMTS Internal Auditors within the IT Department
• Provide day-to-day support in the operational and compliance monitoring on Data Privacy and Protection across the enterprise.
• Conduct regular reviews of EMTS staff and key IT vendors' compliance with IT Security policies and processes to detect and remediate non-compliance.
• Provide support with regards to IT Security controls during the design phase of a new product and the redesign of existing products, processes and systems.
• Support Manager, IT Risk in documenting, analyzing, and assessing IT related risk and controls, testing the effectiveness of controls, and identifying issues that require management's attention.
• Support the conduct and administration of cybersecurity awareness and education program
• Works with IS/IT teams and internal and external Auditors, tracking and following up all IS/IT audits, internal review or regulatory findings as corrective & preventative actions through the management systems
• Monitors and reports on progress and status of corrective & preventative actions in the management system to address compliance gaps.
• Support the investigation and reporting on compliance breaches, document and track agreed remedial actions and ensure corrective actions are documented and tracked.
• Carry out other activities as directed by the Manager, IT Risk Management and Head, Information Risk Management.

Educational Requirements        

• First degree in numerate, Technology or Sciences (Engineering, Computer Science, Mathematics)

Experience,Skills & Competencies        

• 3 - 5 years of experience in a combination of risk management, compliance, information security and IS/IT jobs
• Industry-related compliance, risk or security management certification is preferred (CRISC, CISM, CISSP)
• Demonstrated ability to apply IS/IT-related knowledge and experience in solving compliance issues
• Experience with ISMS (ISO 27001 &27005) implementation and certification