Chief, Information & Security Officer at Standard Bank Group

The Chief Information  & Security Officer is a second line function and is independent from day-to-day information technology operations. The role is responsible and accountable for executing the cyber and information risk management framework with sufficient authority and resources.

Essential Functions

• Provide leadership to the Bank’s information security organization.
• Oversee and enforce cyber and information risk management policies, frameworks, and other technology-related regulatory requirements.
• Monitor performance and outcomes of cyber resilience and intervene if necessary to ensure that specified direction is followed.
• Review and assess risks associated with changes in the cyber and information risk landscape.
• Setup mechanism to monitor cyber and information security threats on an ongoing basis, and to promptly detect, analyse, and respond to cyber and information security incidents.
• Cultivate a strong level of awareness of and commitment to cyber resilience by conducting comprehensive cyber and information risk awareness training programmes to its members of staff and other stakeholders.
• Develop, implement and monitor a strategic, comprehensive enterprise information security risk management program.
• Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services.
• Regularly apprise the board of salient and adverse cyber and information risk developments and incidents that are likely to have a major impact on the regulated entity in a timely manner.
• Collaborate with relevant stakeholders to share cyber threats, incidents, and attacks that the Bank encounters.
• Oversee the evaluation and management of cyber and information risks introduced by third party service providers.