Posted time October 20, 2024 Location Johannesburg

The Opportunity: 

We are seeking a dedicated professional with experience in GRC (Governance, Risk Management, and Compliance). The ideal candidate will collaborate with internal stakeholders and external auditors to manage Information Security and compliance risks. While experience in various lead auditing roles will be considered, our primary preference is for expertise in leading PCI, SOC2, and Cloud Security audits. In this role, you will allocate 20-35% of your time to Business Continuity, with the remainder dedicated to GRC domains from your most effective work location.

The role will require and independent pro-active thinker, strong stakeholder management, and natural team player.

This position is open to both local and international candidates with relocation support available for eligible candidates to help ensure a smooth transition to working and living in Bangkok.

In this Role, you will get to:  

  • Leads, owns, and drives projects, audits, and proactive initiatives with minimal oversight, ensuring successful delivery from concept to completion, while complying with both internal and external standards and regulations.
  • Extensive experience and expertise while consistently improve risk, compliance & resilience strategies, roadmaps and align with industry frameworks PCI DSS, SOC2, BCP etc.
  • Leads and manages complex IT security projects, ensuring clear communication to achieve the intended vision, and spearheads major cross-platform and cross-functional initiatives.
  • This position requires a proven subject matter expert with demonstrated competency in the planning, development, program execution, maintenance and testing of GRC functions including Business Continuity.
  • Track and ensure adequate and timely resolution to all audit and risk assessment findings or issues relating to information security, and never miss a deadline.
  • Proactively and effectively communicates any gaps or improvements, both internally and externally, through written and verbal communication.
  • Positively influences the team and peer teams by proactively spearheading advancements.

What you’ll Need to Succeed: 

  • Experience of working on Risk Analytics experience within IT Threat, Vulnerability, Business Continuity, and Risk Assessment,
    National and International Regulatory Compliances and Frameworks such as NIST Cyber Security Framework, ISO, PCI DSS, GDPR etc.
    In depth knowledge of IT Security Management risk practices.
  • Bachelor’s degree in a related field such as Business, Computer Information Systems, Computer Science, Information Systems Management, or equivalent professional experience
  • 5-7 years of experience working in a technology role, preferably in a security background.
  • Strong understanding of international Information Security standards.
  • The ability to work on multiple projects simultaneously and balance conflicting demands
  • Comfortable analyzing operational and technical data, working under pressure and meeting deadlines
  • Independent self-starter, problem-solving mindset, team player and ability to multi-task
  • Strong communication, including presentation skills, able to convey complex concepts to a variety of audiences
  • Strong project management skills.
  • The flexibility to make quick decisions as disasters change and develop.

It’s great if you have: 

  • Experience leading global projects across different locations.
  • Individuals must have IT-related experience demonstrating each of the four competencies listed below:
    • Attention to Detail– Is thorough when performing work and conscientious about attending to detail.
    • Stakeholder management– Works with clients and leadership.
    • Oral Communication– Expresses information to individuals or groups effectively.
    • Problem Solving– Identifies problems; determines accuracy and relevance of information.