JOB TITLE:
Information Security Governance, Risk and Compliance (GRC) Analyst
LOCATION:
Remote / Johannesburg / Stellenbosch
ABOUT CYBERLOGIC:
Cyberlogic is a trusted Managed Solutions Provider focusing on optimising cloud infrastructure and cyber security. Our just cause is to enable digital transformation through delivering unquestionable value.
Our core capabilities are in IT leadership, security and cloud. We have over 27 years of experience in infrastructure and support services, adhere to ITIL best practices and hold a breadth of knowledge across various technologies and industries.
We believe our people are essential to our continued success and support career growth through our Go4Growth model which is aimed at encouraging our people to continuously contribute, learn, evolve and succeed.
OUR VALUES:
We challenge ourselves to be more AWESOME
We are driven to KEEP learning and EVOLVING
We look beyond symptoms to identify and RESOLVE ROOT CAUSES
We hold each other accountable through CANDID and constructive FEEDBACK
We respect and care for each other and know we will only SUCCEED if we work AS A TEAM
We CARE deeply ABOUT the success of CYBERLOGIC
We FINISH WHAT WE START
We always GIVE OUR BEST even if it means putting in the hard yards
We KEEP THINGS SIMPLE
PURPOSE OF POSITION:
The Information Security Governance, Risk and Compliance Analyst provides support to all client organisation-wide information governance activities. The position focuses on establishing and ensuring adherence to enterprise information security policies, standards and practices, both at the department and Business and Functional areas level, to achieve the required level of consistency, quality and protection to meet overall business needs.
This position will also provide input into strategic roadmaps and critical dashboards to provide management status to executive leadership. A GRC analyst will provide support in reviewing and editing existing Information Security Policies and Standards, manage and report on awareness training platforms as well as perform compliance checks on client systems.
A person with this role must be able to understand complex information and communicate the information to people with diverse professional backgrounds.
KEY RESPONSIBILITIES:
Draft and review information security related policies
Carry out risk assessments and control reviews
Serve as a liaison between Business and Functional areas and technology to ensure that Information Security Policies related business requirements for protecting sensitive data are clearly defined, communicated, and well understood and considered as part of operational prioritization and planning.
Be an information security consultant in discussions regarding clients’ information security strategies.
Verify compliance with the agreed policies
Manage security awareness reports
Analyse and account for positive and negative variances in report data
CORE COMPETENCIES:
Deciding & Initiating Action
Working with People
Adhering to Principles & Values
Persuading & Influencing
Presenting & Communicating
Writing & Reporting
Applying Expertise & Technology
Analysing
Learning & Researching
Creating & Innovating
Formulating Concepts & Strategies
Planning & Organising
Delivering Results & Meeting Client Expectations
Following Instructions & Procedures
Adapting & Responding to Change
Coping with Pressure
Achieving Goals & Objectives
KEY REQUIREMENTS:
Relevant Tertiary Qualification
At least 2-3 years working experience in information security governance, risk and compliance.
Excellent Communication skills (Written and Verbal)
CISA, CISM or CISSP preferable
DESIRED REQUIREMENTS
You may be required to travel to clients or our other offices. Own vehicle and a valid driver’s license is required.
Should you work from home, it is your responsibility to ensure that you have uninterrupted internet connectivity and a ‘work-like’ environment at your home location to deliver your best in terms of performance and productivity.