(794) Cyber Security Risk Analyst

Brief description                                                                                                                 

The main purpose of this position is to research and analyse the cyber security landscape to ensure cyber threats to the South African Financial sector are known and adequately managed by the respective institutions.    

Detailed description

The successful candidate will be responsible for the following key performance areas:

• To develop cyber frameworks / standards /and guidelines for adoption across the industry.
• Apply appropriate analytical techniques, methodologies and technologies to meet the research objectives. 
• Produce intelligence outputs to provide an accurate depiction of the current threat landscape and associated risk. 
• Liaise with key internal and external stakeholders regarding current and developing cyber threats. 
• To plan and coordinate intelligence-based CIS (cyber and information security) penetration testing assessments (advanced simulated cyber-attacks) across the sector i.e. Banks, Insurance, and Market Infrastructures.
• To develop project methodologies for external consultants to perform advanced simulated cyber-attacks on the financial sector. 
• Identify, collect, collate, analyse and document cyber security threats to the financial sector using threat intelligence feeds from multiple sources. 
• Plan and prioritise work in conjunction with team lead and other stakeholders. 
• Conduct ongoing research into legislative and best practice cybersecurity requirements.
• Review risk and threat information in order to identify applicable gaps in the industry. 

To be considered for this position, candidates must have:

• A minimum of a Postgraduate qualification (NQF 8) in Security, Information Technology or an equivalent relevant qualification. 
• At least eight years’ experience in an Information security or IT Risk / cybersecurity governance environment.
• Solid knowledge of risk management, compliance and Information security governance.
• Have exposure to cyber risk frameworks. 
• Be familiar with relevant legislation.
• Understanding of Cyber Risk Trends.
• Knowledge of leading cyber / information security best prac

Job-related knowledge

• Relevant security certification, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Control (CRISC) Certified in Risk and Information Control (CRISC), Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP)  or Certified Information Systems Auditor (CISA) will be an added advantage. 
• Problem solving and analysis. 
• Planning and organising.
• Verbal and written communication.
• Team work.
• Impact & influence. 

Job-related skills and attributes

• Solid knowledge of risk management, compliance and Information security governance.
• Have exposure to cyber risk frameworks. 
• Be familiar with relevant legislation.
• Understanding of Cyber Risk Trends.
• Knowledge of leading cyber / information security best practices.

 

In line with the SARB’s commitment to diversifying its workforce, preference will be given to suitable candidates from designated groups. People with disabilities are welcome to apply.

 

The SARB offers remuneration and benefits commensurate with the level of the position and in line with the market. The level at which the successful applicant will be appointed will depend on his/her competence and experience.

About SARB

 

Primary mandate of the SARB

 

Section 224 of the Constitution of South Africa states the mandate of the SARB as follows:

The primary object of the South African Reserve Bank is to protect the value of the currency in the interest of balanced and sustainable economic growth in the Republic.

The South African Reserve Bank, in support of its primary objective, must perform its functions independently and without fear, favour or prejudice.

 

WHAT WE DO

 

Monetary Policy

 

The Constitution gives the SARB the mandate to protect the value of the rand. We use interest rates to keep inflation low and steady.

 

Financial Stability

 

The SARB has a mandate to protect and enhance financial stability. We identify and mitigate systemic risks that might disrupt the financial system.

 

Prudential Regulation

 

The Prudential Authority regulates financial institutions and market infrastructures to promote and enhance their safety and soundness, and support financial stability.

 

Financial Markets

 

Open market operations are the main tool we use to implement monetary policy. We manage South Africa’s gold and foreign exchange reserves.

 

Financial Surveillance

 

The SARB is responsible for regulating cross-border transactions, preventing the abuse of the financial system and supporting the regulation of financial institutions.

 

Payments and Settlements

 

The SARB is responsible for ensuring the safety and soundness of the national payment system, which is the backbone of South Africa’s modern financial system.

 

Statistics

 

The SARB provides important economic and financial statistics that present an overview of the economic situation in South Africa.

 

Research

 

Research conducted by the SARB focuses on economics, financial stability, banking and emerging trends in finance. Our research supports policy decision-making.

Banknotes and Coin

 

The SARB has the sole right to make, issue and destroy banknotes and coin in South Africa.