Senior Manager: Information Security - Governance, Risk & Compliance

Job Profile Summary

Join us to create the giants in the industry

At Derivco, we believe that our people are not just employees – they are the heart and soul of our business. It's their skills, expertise, and passion that define who we are and drive us towards excellence every day.We empower our people to think creatively, push boundaries, and take ownership of their work. We don't just want employees; we want innovators and difference-makers who are ready to make an impact.

Culture is at the core of everything we do. We create an environment where our people can thrive, grow, and unleash their full potential. We provide the right tools, support, and opportunities for personal and professional development.

We are currently seeking a Senior Manager: Information Security Governance, Risk & Compliance

Your primary function will be leading multiple service teams through tactical strategies and optimization of the practices and capabilities required for the provision and management of global information security testing, security compliance and security posture management services.  This includes establishing and maintaining a robust security governance framework, defining strong security posture policies to empower product teams to own and manage their product security risks, providing leadership and oversight for the risk management program, and ensuring compliance with applicable information security laws and industry standards. 

Job Description

Key Responsibilities:

• Develop and implement tactical security governance, risk, and compliance strategies to support the overall security strategy.
• Establish a security governance framework promoting an application security culture and strong security policies.
• Provide leadership for information security risk management, ensuring compliance with laws and industry standards.
• Oversee risk assessments, mitigation strategies, and key risk indicator monitoring.
• Lead security audits, assessments, and remediation efforts to ensure compliance with security legislation and policies.
• Manage a comprehensive ISMS and cybersecurity program to meet standards such as NIST, ISO 27001, PCI, CCPA, and GDPR.
• Lead security awareness programs and oversee security DevOps projects, technologies, and practices.
• Engage proactively with stakeholders to balance delivery expectations with internal priorities.
• Oversee security operations practices, ensuring consistency and quality across global services.
• Lead financial and people management for the department, aligning budget, capacity, and talent with business goals.

Key Qualifications and Experience:

• 8- 12 Years experience in information security
• 3 Years in a senior leadership role
• Highly specialized knowledge, in-depth awareness of industry trends.

Why Join Derivco 

• Innovative and dynamic work environment
• Opportunities for personal and professional growth
• Make a real impact on our company and clients
• Competitive salary package and benefitsA discretionary bonus (subject to company and individual performance). This is bi-annually and is up to a maximum of 70% of your monthly salary.
• A daily lunch allowance 
• On site car parking
• Employee Assistance Programme
• School subsidies – Creche: we will give you R800 per month to help you cover the cost of your little ones (up to two kids, up to the age of three). Pre School: we will contribute R400 per month towards their school fees every month (up to two kids, up to the age of six). High School: depending on your years of service, we will subsidise high school fees, as such: 5 years – R55,0000 / 10 years – R80,000 / 15 years – R110,000
• Leave Days – starting at 20 days (plus all public holidays) and continues to increase by length of service.
• Plus many onsite perks including Cake Fridays, 3 O’ Clock Friday, socials, events and training and development!

#LI-MF1