Job Description
The role is responsible for driving and supporting the bank's Information Security initiatives through the implementation, monitoring, and optimization of data protection and threat prevention controls. The incumbent will manage and enhance security platforms that protect sensitive data and systems from infiltration, misuse, and data leakage. This includes operational ownership of Data Loss Prevention (DLP), Email Security, Web Security, and Secure Service Edge (SSE) technologies whilst collaborating with risk, legal, compliance, and infrastructure teams to ensure alignment with regulatory and internal security requirements.
Experience coordinating delivery across multiple technology or business domains where work spans platforms, infrastructure, or shared services (advantageous).
Ability to manage crossÃÂâÃÂÃÂÃÂÃÂteam dependencies and ensure clear ownership and alignment across diverse technical streams.
Familiarity with governance, risk, and compliance processes and integrating related commitments (e.g., audit, risk remediation) into programme delivery plans.
Ability to consolidate multiple sources of work intake (strategic initiatives, operational requests, audit actions, BAU activities) into a unified delivery backlog.
General understanding of enterprise technology environments (cloud, identity, networking, platforms, or security controls) to support effective dependency management.
Experience coordinating delivery with thirdÃÂâÃÂÃÂÃÂÃÂparty service providers or vendors, ensuring aligned deliverables and timelines.
Proven capability in identifying and resolving complex blockers involving multiple teams, vendors, or operational units.
Experience supporting delivery hygiene and alignment to organisational standards (e.g., operational readiness, platform compliance, or control maturity baselines).
Strong crossÃÂâÃÂÃÂÃÂÃÂfunctional stakeholder engagement skills with ability to work across business, technology, and operational teams.
Experience delivering in highÃÂâÃÂÃÂÃÂÃÂassurance or regulated environments (financial services, telecoms, large enterprise IT) is advantageous.
Exposure to technologyÃÂâÃÂÃÂÃÂÃÂcontrol domains (identity, data protection, infrastructure hardening, network governance, etc.) is beneficial but not required.
Qualifications
Type of Qualification: First Degree
Field of Study: Information Technology
Experience Required
Cyber Security / Technology
Minimum 10 years in information security or cyber risk, with deep experience in dataÃÂâÃÂÃÂÃÂÃÂsecurity engineering or security operations.
Proven leadership experience in managing complex control environments (email, DLP, SWG, APIs, cloud security).
Strong understanding of POPIA, global dataÃÂâÃÂÃÂÃÂÃÂprotection regulations, cyber frameworks and cloud-native security models.
Demonstrated ability to lead high-performing teams in fastÃÂâÃÂÃÂÃÂÃÂpaced, 24/7 operational environments.
Excellent stakeholder engagement, influencing and communication capabilities.
Certifications such as CISSP, CCSP, CISM or cloud security certifications are advantageous.
Manage and optimize data protection and security controls across endpoints, cloud platforms, and collaboration tools, ensuring minimal false positives and regulatory compliance.
Administer and enhance email and web security solutions to protect against phishing, malware, and spoofing threats.
Configure and monitor secure access technologies, including SSE and Zero Trust policies, to safeguard remote and cloud environments.
Investigate security alerts, support incident response, and provide reporting while collaborating with cross-functional teams to strengthen overall security posture.
Additional Information
Behavioural Competencies:
Challenging Ideas
Convincing People
Developing Strategies
Directing People
Embracing Change
Empowering Individuals
Making Decisions
Providing Insights
Resolving Conflict
Showing Composure
Taking Action
Team Working
Technical Competencies:
Data Analysis
Documenting
Internal & External IT Environment
IT Business Analysis/ Feature Analysis
IT Programme Management
Research & Information Gathering
Service Management Processes
Vendor Evaluation and Management