Job Openings at Standard Bank Group - 2 Positions

Job description

Information Technology: Systems development, business analysis, architecture, project management, data warehousing, infrastructure, maintenance and production.

Job Purpose

To provide IT security and Logical Access Management services to the Bank and in so doing ensure that all IT security and Access Management policies and controls are in place for logical access as per Group guidelines. In addition, the LAM Officer will review all user access requests in conjunction with peers in the related departments prior to the granting thereof. Furthermore, the holder will be responsible for direct follow-ups on all IT related audit issues

Key Responsibilities/Accountabilities

• Manage and support Identity and Access Management operations and governance relating to system, infrastructure and application access, user identity lifecycle management and implementing controls to protect the
• Group's key information
• Work on Access management (Physical and Logical) able to analyze audit logs
• Perform folder and file access revalidation
• Ensuring systems are operated, maintained, and disposed of in accordance with policies and practices.
• Ensuring that all system users have the requisite approvals before granting access to the systems
• Reporting all security-related incidents to the IT Security Manager. (ITSM)
• Initiating, with the approval of the ITSM, protective or corrective measures when a security incident or vulnerability is discovered.
• Facilitating user access periodic reviews.
• Ensuring Configuration Management (CM) for security-related IS software, hardware, and firmware is maintained and documented.
• Ensuring that system recovery processes are monitored to ensure that security features and procedures are properly restored.
• Formally notifying the ISSM and Authorizing Official when changes occur that might affect accreditation.
• Ensuring that system security requirements are addressed during all phases of the system life cycle.
• Following procedures developed by the ISSM, authorizing software, hardware, and firmware use before implementation on the system.
• Endpoint Security
• Oversee the implementation, administration, and operation of multiple endpoint security technologies such as but not limited to Safend, Bitlocker, McAfee ePO
• Produce and track metrics for the effectiveness and maturity of endpoint security technologies and processes
• Work with business units to develop goals for measurement improvement
• Oversee development and operation of endpoint information security executive dashboards
• Manage relations with endpoint security vendors
• Provide support for multiple endpoint information security products
• Oversee configuration and administration of security tools
• Maintain current understanding of industry trends and threats
• Interact with IT Security products and support services and project management office to strategize on new project implementation
• Maintain SLA and OLA agreements for endpoint security management
• Report non-compliance & deviations to appropriate stakeholders.
• Provide support to the Computer Incident Response Team
• Monitor and report on risks and vulnerabilities with suggested recommendations

Summary

• Endpoint security and controls – Safend, device control
• Patching
• Antivirus
• DLP
• Access control
• Recertification

Preferred Qualification And Experience

• Bachelor's Degree in Computer Science or related technical discipline
• Must have a current security certifications: CXISSP, CISM, Security+ GIAC, CEH etc.
• Minimum of three (3) years Logical/ identity and access management experience.
• Ability to demonstrate strong knowledge of computer security concepts.
• Demonstrated ability to document processes and procedures.

Knowledge/Technical Skills/Expertise

• Experience in business application, maintenance and/or Information Security and/or System access management
• Logical Access Management experience across locations, application and / or database systems with associated 1st level control and re-certification.
• Excellent technical knowledge and experience of Logical Access and Identity Management processes
• Experience of Sailpoint would be beneficial.
• Security domain experience in applications, security, infrastructure and integration.
• Experience within the financial services sector is highly desirable
• Solid AD administration experience
• Centrify, Vault and BYOD administration and provisioning experience
• ITIL knowledge preferred but not essential
• Excellent communication skills in writing and oral in English
• Reliable, responsible personality, able to work under pressure with greatest accuracy, able to exercise, troubleshoot, analyse and have independent judgment on a daily basis.

go to method of application »

Job description

Job Purpose

To support Bank management in the identification and management of compliance risk as required by relevant regulatory, supervisory and statutory regulations/guidelines, applicable codes of conduct and minimum standards.

Key Responsibilities/Accountabilities

• Implement a risk-based compliance monitoring programme from the Compliance Risk Management Plans.
• Prepare and/or enhance compliance obligation checklists and Self-Assessments of regulatory, legislative, AML and compliance policies in conjunction with the respective business functions.
• Review and maintain comprehensive compliance self assessment attestations from branches and departmental functions on a quarterly basis.
• Conduct off-site and onsite reviews to ensure compliance risk management controls are being adhered to.
• Prepare working papers for the onsite assessments to be conducted on branches and departments.
• Monitor and track closure of exceptions/ lapses raised from the Compliance Self-Assessment attestations.
• Co-ordinate the implementation of corrective measures to mitigate identified deficiencies.
• Identify and assess the compliance and internal control risks and gaps associated with the bank’s activities.
• Entrench AML policies and ensure that appropriate AML procedures are implemented effectively by the bank including customer acceptance policy, customer due diligence, record keeping and on-going monitoring
• Work with business functions to ensure potential risks have been mitigated in the bank’s proposed future business activities.
• Advice on compliance related legislation affecting the bank.
• Make recommendations for the amendment of policies, procedures, and processes where necessary.
• Review the bank’s compliance policy on an annual basis to ensure completeness and consistency with current and prospective organizational responsibilities.
• Conduct targeted reviews to assess compliance with internal policies, procedures and processes.
• Provide compliance risk reports on completion of reviews to all functional heads.
• Monitor and track closure of management actions by regulators and external auditors and ensure management response.
• Monitor the Bank’s risk status periodically and report to Board Audit and Risk Committee on a quarterly basis
• Provide input for compliance reports to RMC, EXCO and Board committees, ensure such are submitted timely.
• Raise awareness and provide training to bank staff on compliance policies
• Training
• Conduct continuous risk management awareness training to all staff to ensure staff are aware of risks relevant to their functional roles.

Preferred Qualification And Experience

• Bachelor's degree in business administration or equivalent;
• Minimum 4 years of experience in the AML/ CFT and Compliance in the banking industry;

Knowledge/Technical Skills/Expertise

• Comprehensive understanding of the regulatory and business environment of the banking industry.
• Understanding of business unit needs and ability to translate them into risk management solutions.
• On-going awareness of regulatory requirements related to banking