Register Login

IS Risk Auditor - Econet Wireless

Location: Harare
Alert: Application Deadline Expired

Job purpose

To provide expert specialised risk-based cybersecurity assurance by reviewing, assessing and evaluating experienced and potential cybersecurity issues through the provision of advisory and consultancy services to the Econet, and Ecocash Holdings group. Works as subject matter experts in cybersecurity assurance and investigations.

Key Responsibilities

  • Provides leading cybersecurity threat, risk analysis, and mitigating initiatives that help to protect the business and customers/subscribers from information and cyber security risks.
  • Reviews Econet and Ecocash Holdings’ Group tools used measure risk, identify, and mitigate threats, and protect against unauthorized disclosure of confidential information as pertains to the business’ clients, internal functions, and extended supply chain.
  • Reviews compliance of IT department operations to Information Security policies and procedures.
  • Draft and maintain an up-to-date understanding of industry best practices and emerging threats.
  • Recommends security controls, processes, and procedures for the information security governance program, including control document reviews, assessment finding mediation, assisting control owner with remediation plan development, tracking findings through remediation, progress monitoring, reporting, and escalation.
  • Advises internal departments by facilitating information security risk analysis and risk management processes and identifying acceptable levels of residual risk.
  • Follows up on deficiencies identified in audit reviews, self-assessments, automated assessments, and internal and external audits to ensure that appropriate remediation measures have been taken.
  • Analyses existing accounts and data access permission requests against documented authorizations.
  • Performs security assessments and security vulnerability scans.
  • Performs security monitoring and reporting analyzes security alerts and escalates security alerts to management.
  • Identifies and resolves root causes of security-related problems.
  • Delivers IT risk & security awareness and compliance training programs.
  • Analyzes reports and makes recommendations for improvements. Communicates reporting results to information security management.
  • Designs and recommends the implementation, and monitoring of logical access controls to ensure the confidentiality, integrity, availability, and authorized use of information assets.
  • Customize and design procedures to investigate cybercrime and information leakage within the organization often in connection with anticipated or ongoing legal action
  • Evaluate strategy developed by IS management and make recommendations in line with group objectives.
  • Executes risk assessments to determine if the adoption of proposed system development/acquisition meets the group’s business goals.
  • Evaluates service level management practices and decides if the level of service from internal and external service providers is adequately defined and managed
  • Evaluate the organization’s disaster recovery plan to ensure that it enables the recovery of IT processing capabilities in the event of a disaster.
  • Design and perform complex analysis of data using various scientific and statistical methods for different business processes or operations reviews across the group.
  • Review of commercial promotions (e.g. Sales & Marketing promotions) and certification of results of promotions in EWPL and Cassava.

Qualification, Skills, and Experience

  • Degree in Computer Science or equivalent
  • CISSP and CISA certification with International Board-Information Systems Audit and Control Association
  • 2 to 4 years’ experience in a similar environment of which, 1 year spent training in practical Cyber Security aspects and at least two years as an IS Risk practitioner.

To Apply:

Use link:

Alert: Application Deadline Expired

Share Product

Recent Jobs

Give us a Feedback