The Senior Manager – Cybersecurity Audits and
Advisory is responsible for leading cybersecurity audit and advisory
assignments across the Group. This role oversees the planning, execution, and
reporting of cybersecurity audits, as well as providing strategic advisory
services to enhance the organization’s cybersecurity posture and align with
industry best practices.
Reports to Group Head of Audit – Technology, Digital
and Data Analytics.
Job Responsibilities
Cybersecurity Audit Planning and Execution:
Assist in developing and executing the annual
internal plan with specific responsibility for cybersecurity audits.
Lead and coordinate cybersecurity audits across the
Group, ensuring consistency in audit methodologies and standards.
Evaluate the design and operating effectiveness of
cybersecurity controls, access management, network security, data protection,
and incident response.
Assess compliance with relevant cybersecurity regulations, industry standards, and internal policies.
Cybersecurity Advisory Services:
Provide strategic advice and recommendations to
enhance the Group’s cybersecurity controls, risk management practices, and
overall security posture.
Conduct cybersecurity assessments, gap analyses, and
maturity evaluations to identify improvement opportunities.
Advise on the implementation of cybersecurity
frameworks, standards, and best practices across the organization.
Support the development and review of cybersecurity
policies, procedures, and guidelines.
Provide relevant assurance and advisory services in
select IT projects.
Audit Team Management:
Manage and mentor a team of cybersecurity auditors
and advisors, providing guidance, training, and professional development
opportunities.
Assign audit and advisory resources effectively
across the Group’s entities and ensure adherence to timelines and budgets.
Foster collaboration and knowledge-sharing among the
cybersecurity teams across different locations.
Reporting and Communication:
Prepare comprehensive audit reports and advisory
deliverables detailing findings, risks, and recommendations.
Present audit results, advisory recommendations, and
strategic insights to senior management, CISO, and relevant stakeholders.
Collaborate with local IT audit teams, cybersecurity
function, and business units to ensure effective communication and alignment.
Provide strategic level advisory through
communication of key themes, insights and foresights to senior management and
the Board.
Stakeholder Management:
Liaise with relevant stakeholders, including IT
managers, business unit leaders, and regulatory authorities, to understand
their expectations and requirements.
Foster positive relationships with internal and
external stakeholders, promoting transparency and trust in the audit and
advisory processes.
Continuous Improvement and Thought Leadership:
Stay updated with emerging cybersecurity threats,
regulatory changes, and industry best practices, and incorporate them into the
audit and advisory programs.
Contribute to the development of cybersecurity
strategies, frameworks, and methodologies within the organization.
Qualifications
Bachelor’s Degree in Computer Science, Information
Technology or a related field from a recognized university.
Professional cyber security certifications such as
OSCP, CCIE Security, LPT or equivalent cybersecurity certifications.
Minimum of 8+ years of experience in cybersecurity
auditing, IT audit, IT security, risk management, advisory services, or related
roles, with a focus on the financial services industry.
Competencies
Proficiency in the use of penetration testing and
vulnerability assessment tools and in conducting ethical hacking assignments.
Proven ability to lead and manage teams of
cybersecurity professionals.
Strong understanding of cybersecurity frameworks,
standards, and regulations (e.g., NIST, ISO, PCI-DSS).
Analytical and problem-solving skills to identify and
address complex cybersecurity risks and provide actionable solutions.
Excellent communication and interpersonal skills for
effectively presenting findings, recommendations, and strategic insights to
stakeholders at all levels.
Ability to travel domestically and internationally as
required.
Results orientation
High integrity and strength of character
How To Apply