78 Information Governance jobs in South Africa

*** Our Johannesburg Office is Hiring *** 24 months renewable contract ***

Do you have experience designing and implementing information governance frameworks in complex, high-stakes environments? Are you passionate about aligning data governance, risk, and compliance in the digital era including AI governance and data stewardship?

Join us in a mission-critical engagement supporting strategic data governance transformation at one of the most prestigious financial institutions in the region.

About the Role

As the Information Governance Specialist, you will:

• Lead governance maturity assessments across multiple business units
• Enhance and operationalise the Information Strategy Formulation Tool
• Design and embed Information Governance by Design templates into project lifecycle artefacts (BRS, FRS, etc.)
• Build classification, vetting, and information-sharing protocols
• Develop and maintain governance metrics, KPIs, dashboards, and risk indicators
• Integrate AI governance frameworks into broader data governance structures
• Champion stakeholder engagement and organisational change in support of IG best practices

To thrive in this role, you'll need:

• A minimum of a Bachelor's degree in Computer Science, Management Information Systems, Computer Engineering OR equivalent
• Proven experience in data governance, information security, or compliance within a financial or regulatory environment
• Expertise in governance tooling (e.g., Collibra, Informatica, etc.)
• Ability to assess and uplift governance maturity and reporting
• Strong understanding of AI/data ethics, classification schemes, and risk-based controls
• Clear, professional communication and facilitation skills across all levels of stakeholders
• Data Stewardship frameworks & implementation
• Governance frameworks (e.g., DAMA, COBIT, ISO 27001, NIST)
• Business glossary and metadata development
• Agile / Waterfall governance alignment
• Experience working with central banks, regulators, or government bodies a huge plus

Why Join?

You'll be a key part of a data transformation journey with national impact, building sustainable frameworks for how critical financial data is governed, classified, and ethically used in the digital age.

Gauteng, Centurion

(Market related)

Our client based in Pretoria is urgently looking for an Information Governance Specialist to join their team

12 months renewable contract

Onsite

Knowledge, experience and personal competencies

Education And Experience

• A minimum of a Bachelor's degree in Computer Science, Management Information Systems, Computer Engineering OR equivalent
• A minimum of 8-10 years' experience in the field of data management
• Analysis and problem solving
• Effective communication
• Planning and organising
• Service and stakeholder focus
• Conceptual thinking
• Strategic thinking
• Negotiation
• Drive for results
• Building and maintaining relationships

For More Information Please Contact
Casper Van Eck

KEY MEASUREMENTS:

Implement, execute and measure the operationalisation of information management and information governance.

Merging Information Governance maturity assessment with the operationalisation of all knowledge areas maturity assessment:

Update the Information Strategy formulation tool aligned to the new way of working.

Develop an information strategy process decoupling it from any other dependencies.

Update the Information Strategy formulation tool aligned to the new way of working.

Review and update information sharing process:

Alignment between information classification and vetting status.

Development/facilitate the creation of MoU's, sharing protocols and information sharing agreements.

Embedding information governance by design into the Project Management Lifecycle, Business Analysis (Business Requirement Specification and Functional Requirement Specification

Express business information strategy roadmap and deliverables into workable ways of working.

Formulate business process to include the categorisation of information into the medallion methodology.

Develop measurement metrics on the use of the Information Strategy formulation tool.

Guide the incorporation of AI Governance into the Information Governance Processes.

Conduct an assessment on information governance and security maturity levels within the Company-Group against best practices.

Develop standards, guidelines, processes, procedures for information governance and security within the Company-Group.

Develop and promote information governance and security awareness across the organisation to ensure appropriate usage of business information.

Contribute towards the development of the Company's information strategy and monitor the information strategy progress.

Define information governance and security measurement and metrics to support reliable decision making and appropriate information usage.

Monitor, measure and report on the data stewardship levels to ensure the appropriate information usage.

Enable the improvement of information governance and security capability by developing relevant stakeholders in all aspects of information governance and security.

Play an oversight role in the remediation of information governance and security issues.

Develop and manage stakeholder relations effectively to promote information governance and security awareness across the organisation and support reliable decision making and appropriate information usage.

Provide Information Classification support services.

Provide support to business in defining of the Information Governance artefacts such as the business glossaries, data dictionaries, data catalogue and data lineage

A minimum of a Bachelor's degree in Computer Science, Management Information Systems, Computer Engineering OR equivalent

A minimum of 8-10 years' experience in the field of data management

Experience in Financial Services environment

Between 5 - 7 Years

Company Description

Tshinwelo Innovative Business Solutions (TIBS), established in 2015, provides pragmatic and innovative solutions integrating traditional business methodologies with digital technologies. Our expertise in business strategy advisory, supply chain management, business process management, and human capital management allows organizations to achieve high performance. Based on our diverse experience, we implement sustainable solutions tailored to meet the unique needs of our clients.

Job Description

•Responsible for the development and maintenance of standard data operating procedures.

•Ensure adherence to an enterprise data governance framework for data practices, policies, and standards both at a technical and functional level.

•Ensure effective internal controls by monitoring metrics and driving performance through improvement initiatives.

•Champion enterprise data governance and data initiatives.

•Deliver on data governance strategy and overall objectives.

•Ensure data governance initiatives result in enterprise and functional benefits.

•Develop & maintain inventory of the enterprise information maps, including authoritative systems, owners.

•Facilitate the development and implementation of data quality standards, data protection standards and adoption requirements.

•Provide progress reports on data governance issues and oversee periodic updates to Data Governance Roadmap.

•Enable the improvement of data governance and security capability by developing relevant stakeholders in all aspects of data governance and security.

•Play an oversight role in the remediation of data governance and security issues as well as in the development of a data security management plan.

Competencies

•Experience in implementing data management and governance roles, principles, processes and procedures.

•Implementation of enterprise level data quality, master data management and related metrics.

•Project management, risk management and data governance skills, Business Analysis techniques and master data management experience is essential.

•Technical expertise required to manage data quality results, promotion strategies of data governance tools etc. Some level of GitHub experience to understand repositories of the backend of data governance tools.

Educational / Experience Requirements:

•Relevant bachelor's degree in computer science, information technology, or a related field.

•Experience in business intelligence, data analytics, or a related field.

•10+ years of experience in Data information governance

• Who we're looking for: An experienced Information Security Manager to lead the implementation and ongoing maturity of our Information Security Management System (ISMS), ensure alignment with ISO 27001:2022, and manage risk across the business.
• The challenge: To own the ISMS documentation and audit programme, coordinate internal and external audits, oversee the risk register, and support internal teams on policy compliance and security awareness.
• Where you'll work: This role will be based in Cape Town, you'll be part of our global team, collaborating with colleagues and serving customers across the UK, USA, Australia, South Africa, and beyond. Our hybrid approach offers flexibility with regular team connection in our Cape Town office.

The Tillo Difference

We're in the business of rewards and incentives, so we know a thing or two about the importance of giving back. We can't grow as a business without growing as individuals, so we are committed to providing a workplace where passionate, driven individuals can thrive. We value collaboration, trust, positivity, and a willingness to learn - only by working as a team will we reach our goals.

We're the market leader in the UK and are active in a number of other markets including USA, Europe, Australia and India.

This role will be responsible for:

• ISMS Ownership & Audit Readiness

• Maintain and evolve the ISMS documentation and controls in line with ISO 27001:2022.

• Coordinate and lead internal audits (quarterly for TZ) and external certification audits.
• Write up audit findings and risk reports for SLT and the Board.
• Monitor ISMS KPIs and compliance metrics .

• Risk Management

• Own the company-wide risk register and associated documentation (excluding the risk framework itself).

• Support teams in identifying, assessing, and documenting risks.
• Track and ensure timely implementation of Risk Treatment Plans.
• Monitor and report on key risk metrics.

• Incident & Corrective Action Management

• Maintain the incident log, ensuring proper documentation, root cause analysis and closure.

• Drive corrective actions and improvements from internal/external audits and incidents.

• Security Policy & Training

• Maintain and develop ISO 27001-compliant security policies (non-Engineering).

• Coordinate business-wide security awareness training (e.g., KnowBe4).
• Champion InfoSec awareness and lead monthly security meetings.

• Client & Vendor Security Assurance

• Complete InfoSec and risk sections of client due diligence questionnaires.

• Support the development of a Trust Centre to streamline security responses.

What we're looking for

• 3+ years in an Information Security or Risk Management role with experience in ISO 27001 implementation and audits.
• A strong understanding of risk frameworks, internal controls, and compliance management.
• Experience with audit coordination and ISMS documentation.
• The ability to translate technical and regulatory language into business-friendly advice.
• Working knowledge of privacy, AML, and business continuity requirements.
• Familiarity with InfoSec tooling (e.g., Drata, Vanta, KnowBe4).
• Exceptional communication, reporting and organisational skills.

Benefits

We offer all our employees trust and empower our team to work with flexibility and autonomy. We're a close-knit team and love working collaboratively, with our hybrid model, our team can come together at our fantastic offices, but also focus in their own space. The Tillo team are a motivated bunch and we all work hard to push Tillo forwards, always innovating. We completely understand the importance of work/life balance and offer a supportive and collaborative working environment with the following benefits:

• 21 days holiday per annum
• Retirement Fund (5%)
• Health insurance contribution
• Employee Incentive Scheme
• Hybrid Working
• Top spec equipment including laptop, mouse, keyboard, monitor
• Anniversary gifts
• Monthly breakfasts, drinks, snacks and events
• Team Learning & Development budget

Tillo makes gift cards, rewards, and incentives simple, efficient, and profitable. Operating in over 37 markets and 25 currencies, Tillo processes billions in gift card transactions through a single, plug-and-go API, powering rewards and incentives for the world's leading businesses.

Backed by Tenzing, Tillo is setting the global standard for digital gift card infrastructure.

Diversity, Equity, and Inclusion Statement

We are committed to fostering a diverse and inclusive workplace where everyone feels valued and respected. We welcome applications from individuals of all backgrounds, regardless of age, disability, gender identity, marital status, race, ethnicity, religion or belief, sex, or sexual orientation.

If you require any reasonable adjustments during the recruitment process, please let us know, and we will be happy to accommodate your needs.

Information Security Analyst

Acacium Group – Woodstock, Cape Town

Permanent, Full Time

Salary: R35 000 per month plus amazing benefits

Unlock Your Potential

Are you a technically minded individual with a passion for cybersecurity? Are you eager to grow and develop within a global organisation?

This is an excellent entry-level opportunity to launch your career in Information Security.

As an Information Security Analyst, you will play a key role in supporting our security operations and governance frameworks. You'll work closely with both technical teams—such as Infrastructure, Service Delivery, and Application Management—and non-technical teams including Legal, Compliance, HR, Audit, and Risk. You'll also engage with end users to promote best practices and ensure ongoing compliance across the organisation.

Every Day, You Will…

• Conduct threat hunting activities to proactively identify and mitigate risks.
• Assist in security incident management, including triaging alerts and coordinating responses.
• Support regular reviews of suppliers, project risks, and user access.
• Help update IT security policies and practices.
• Deliver and assess IT Security & Cyber Awareness training, audits, and testing.
• Contribute to maintaining compliance with standards like ISO 27001, Cyber Essentials Plus, NHS DSP Toolkit, and GDPR.
• Compile monthly and quarterly security reports.
• Assist in cyber incident response and business continuity efforts.

What's In It For You?

• Hands-on technical training and exposure to a wide range of systems
• Opportunities to earn certifications in the Information Security field
• Access to senior stakeholders and involvement in impactful corporate projects
• Mentorship from experienced professionals to guide your development
• A strong focus on your career growth, with the tools, support, and guidance to help you thrive
• Unmatched career progression, thanks to being part of a global group spanning healthcare, staffing, and life sciences
• Exciting events and incentives, both locally and across the wider group
• Employer contributions to medical aid
• Subsidised transport options

Join Us and Make a Difference

Acacium Group is a global healthcare solutions partner offering staffing, managed services, and innovative delivery models to health and social care systems and the life sciences industry. We are powered by the best people and have an unrivalled and diverse range of capabilities, all while incorporating our company values into everything we do:

Putting People First, Always by Your Side, Driven by Excellence.

Join us and play a key part in shaping the future of society and improving people's lives

To Thrive in This Role, You Must Have…

• A positive, logical, and proactive approach to problem-solving
• Strong organisational and time management skills
• The ability to prioritise tasks and deliver high-quality outcomes
• Clear written communication skills, especially when creating technical documentation for non-technical audiences
• The ability to identify and manage risks within the business and Information Security framework
• Confidence and strong verbal communication skills
• CompTIA Security+
• Microsoft Security Operations Analyst

Employment Equity

The Company's approved Employment Equity Plan and Targets will be considered as part of the recruitment process. As an Equal Opportunities employer, we actively encourage and welcome people with various disabilities to apply.

Designation:

Information Security Manager | Waterfall, Midrand, Gauteng | Permanent

Category:

Information Technology

Job Level:

Professionally qualified and experienced specialists and mid-management

Posted by:

PSG Financial Services

Posted on:

03 Oct 2025

Reference Number:

POS08450

Closing date:

30-Oct-2025

Position Type:

Permanent

Location:

Waterfall Magwa Crescent

Overview:

VACANCY | INFORMATION SECURITY MANAGER | WATERFALL, MIDRAND, GAUTENG | PERMANENT

PSGs commitment to transform and embrace diversity is what drives us to achieve a diverse workplace with employment equity as a key goal to create an inclusive workforce. In achieving our employment equity goals, we give preference to applicants from designated groups, and we encourage people with disability to apply.

The Information Security Manager will lead PSG's cybersecurity strategy, governance, and operations across a hybrid cloud infrastructure. This includes managing Microsoft security capabilities, integrating firewall technologies, overseeing the Cyber Security Operations Center (SOC), and ensuring compliance with regulatory and industry standards. The role also includes managing BYOD risks, securing branch networks, and aligning with globally recognized frameworks such as the NIST Cybersecurity Framework and Joint Security Standards (JSS).

• Develop and maintain PSG's enterprise-wide cybersecurity strategy aligned with business objectives and regulatory requirements.
• Establish and enforce security governance frameworks, policies, and standards.
• Ensure alignment with the NIST Cybersecurity Framework (Identify, Protect, Detect, Respond, Recover) and Joint Security Standards.
• Lead the implementation of relevant security compliance initiatives.
• Collaborate with divisional CIOs and executive leadership to align security posture across business units.
• Monitor emerging threats, regulatory changes, and industry trends to inform strategic decisions.

• Design secure solutions for hybrid environments (on-prem + Azure).
• Integrate security into infrastructure and application projects.
• Manage identity and access controls, including Azure AD, MFA, and privileged access management.

• Manage day-to-day security monitoring, incident handling, and threat intelligence.
• Administer Microsoft 365 security features: Defender for Endpoint, Purview, Sentinel, Conditional Access, etc.
• Ensure endpoint, network, and cloud security controls are effectively implemented and monitored.
• Implement and enforce BYOD policies, including mobile device management (MDM), data loss prevention (DLP), and secure access controls.
• Secure branch office networks, including firewalls, VPNs, segmentation, and remote access protocols.

• Develop and manage the annual cybersecurity budget, including licensing, tools, training, and consulting services.
• Track and report on security-related expenditures, ROI, and risk mitigation outcomes.
• Support procurement and vendor management for security solutions.

• Oversee 24/7 SOC operations, ensuring effective threat detection, incident response, and escalation.
• Define SOC roles, workflows, and incident response playbooks.
• Integrate SIEM, SOAR, and threat intelligence platforms for proactive defense.
• Monitor and improve KPIs such as MTTD (Mean Time to Detect) and MTTR (Mean Time to Respond).
• Coordinate with external threat intelligence providers and law enforcement when necessary.

• Oversee the deployment, maintenance, and upgrade of security technologies including Microsoft 365 E3/E5 and Hailstone platforms.
• Ensure timely patching, configuration updates, and feature adoption.
• Maintain compatibility and integration of security tools with PSG's hybrid infrastructure.
• Document system configurations and update operational procedures regularly.

• Conduct regular risk assessments, vulnerability scans, and penetration tests.
• Ensure compliance with POPIA, GDPR, NIST CSF, JSS, and other relevant regulations and frameworks.
• Maintain a risk register and track mitigation actions.
• Coordinate internal and external audits and ensure timely remediation of findings.

• Lead organization-wide cybersecurity awareness programs.
• Deliver targeted training for IT, business, and executive teams.
• Promote secure behaviour and incident reporting culture.

• Build and lead a high-performing cybersecurity team, leveraging SOC analysts, engineers, and compliance specialists.
• Define clear roles, responsibilities, and performance expectations.
• Conduct regular coaching, performance reviews, and career development planning.
• Foster a culture of accountability, innovation, and continuous improvement.
• Promote cybersecurity awareness and ownership across all departments.

• Prepare operational, executive-level reports on security posture, risk exposure, and compliance status.

• Bachelor's degree in Computer Science, Information Technology, or related field.
• 8+ years of IT Security experience, with 5+ years in a leadership role.
• CISSP, CISM, or equivalent
• Microsoft Certified: Cybersecurity Architect Expert
• GIAC Security Operations (GSOM) or equivalent SOC certification
• Familiarity with scripting (PowerShell, Bash) and automation tools.

• Microsoft 365 and SharePoint Online
• Proven experience in cybersecurity leadership within hybrid cloud environments.
• Deep knowledge of Microsoft 365 E3/E5 security stack and Hailstone technologies.
• Strong understanding of SIEM, SOAR, threat intelligence, and SOC operations.
• Experience managing BYOD environments and securing distributed branch networks.
• Familiarity with ISO/IEC 27001, ISO/IEC 2000, NIST, and CIS controls.
• Excellent communication, stakeholder engagement, and team leadership skills.
• Technical documentation

• Strong leadership and problem-solving skills.
• Attention to detail
• Decision making
• Leadership
• Attention to detail
• Resilience
• Good verbal and written communication skills
• Time management skills
• Deadline driven

Candidates interested must apply here by no later than 30 October 2025 OR browse available PSG Careers vacancies

By submitting your application, you are giving PSG Financial Services implicit consent to the storage and processing of your personal information. If you are not contacted within 4 weeks of your application, please accept that your application was not successful. For more information about careers at PSG, visit

Designation: Information Security Manager | Waterfall, Midrand, Gauteng | Permanent

Category: Information Technology

Job Level: Professionally qualified and experienced specialists and mid-management

Posted by: PSG Financial Services

Posted on: 03 Oct 2025

Reference Number: POS08450

Closing date: 30-Oct-2025

Position Type: Permanent

Location: Waterfall Magwa Crescent

Overview
VACANCY | INFORMATION SECURITY MANAGER | WATERFALL, MIDRAND, GAUTENG | PERMANENT
PSGs commitment to transform and embrace diversity is what drives us to achieve a diverse workplace with employment equity as a key goal to create an inclusive workforce. In achieving our employment equity goals, we give preference to applicants from designated groups, and we encourage people with disability to apply.

Job Description
The Information Security Manager will lead PSG's cybersecurity strategy, governance, and operations across a hybrid cloud infrastructure. This includes managing Microsoft security capabilities, integrating firewall technologies, overseeing the Cyber Security Operations Center (SOC), and ensuring compliance with regulatory and industry standards. The role also includes managing BYOD risks, securing branch networks, and aligning with globally recognized frameworks such as the NIST Cybersecurity Framework and Joint Security Standards (JSS).

*Responsibilities:
Strategic Leadership & Governance *

• Develop and maintain PSG's enterprise-wide cybersecurity strategy aligned with business objectives and regulatory requirements.
• Establish and enforce security governance frameworks, policies, and standards.
• Ensure alignment with the NIST Cybersecurity Framework (Identify, Protect, Detect, Respond, Recover) and Joint Security Standards.
• Lead the implementation of relevant security compliance initiatives.
• Collaborate with divisional CIOs and executive leadership to align security posture across business units.
• Monitor emerging threats, regulatory changes, and industry trends to inform strategic decisions.

*Architecture & Identity Management *

• Design secure solutions for hybrid environments (on-prem + Azure).
• Integrate security into infrastructure and application projects.
• Manage identity and access controls, including Azure AD, MFA, and privileged access management.

*Security Operations *

• Manage day-to-day security monitoring, incident handling, and threat intelligence.
• Administer Microsoft 365 security features: Defender for Endpoint, Purview, Sentinel, Conditional Access, etc.
• Ensure endpoint, network, and cloud security controls are effectively implemented and monitored.
• Implement and enforce BYOD policies, including mobile device management (MDM), data loss prevention (DLP), and secure access controls.
• Secure branch office networks, including firewalls, VPNs, segmentation, and remote access protocols.

*Financial Management *

• Develop and manage the annual cybersecurity budget, including licensing, tools, training, and consulting services.
• Track and report on security-related expenditures, ROI, and risk mitigation outcomes.
• Support procurement and vendor management for security solutions.

*Cyber Security Operations Center (SOC) Oversight *

• Oversee 24/7 SOC operations, ensuring effective threat detection, incident response, and escalation.
• Define SOC roles, workflows, and incident response playbooks.
• Integrate SIEM, SOAR, and threat intelligence platforms for proactive defense.
• Monitor and improve KPIs such as MTTD (Mean Time to Detect) and MTTR (Mean Time to Respond).
• Coordinate with external threat intelligence providers and law enforcement when necessary.

*Security Technology Lifecycle Management *

• Oversee the deployment, maintenance, and upgrade of security technologies including Microsoft 365 E3/E5 and Hailstone platforms.
• Ensure timely patching, configuration updates, and feature adoption.
• Maintain compatibility and integration of security tools with PSG's hybrid infrastructure.
• Document system configurations and update operational procedures regularly.

*Risk Management & Compliance *

• Conduct regular risk assessments, vulnerability scans, and penetration tests.
• Ensure compliance with POPIA, GDPR, NIST CSF, JSS, and other relevant regulations and frameworks.
• Maintain a risk register and track mitigation actions.
• Coordinate internal and external audits and ensure timely remediation of findings.

*Awareness, Education & Training *

• Lead organization-wide cybersecurity awareness programs.
• Deliver targeted training for IT, business, and executive teams.
• Promote secure behaviour and incident reporting culture.

*Team Leadership & Culture *

• Build and lead a high-performing cybersecurity team, leveraging SOC analysts, engineers, and compliance specialists.
• Define clear roles, responsibilities, and performance expectations.
• Conduct regular coaching, performance reviews, and career development planning.
• Foster a culture of accountability, innovation, and continuous improvement.
• Promote cybersecurity awareness and ownership across all departments.

*Reporting *

• Prepare operational, executive-level reports on security posture, risk exposure, and compliance status.

*Minimum requirements: *

• Bachelor's degree in Computer Science, Information Technology, or related field.
• 8+ years of IT Security experience, with 5+ years in a leadership role.
• CISSP, CISM, or equivalent
• Microsoft Certified: Cybersecurity Architect Expert
• GIAC Security Operations (GSOM) or equivalent SOC certification
• Familiarity with scripting (PowerShell, Bash) and automation tools.

*Experience in the following technologies and concepts: *

• Microsoft 365 and SharePoint Online
• Proven experience in cybersecurity leadership within hybrid cloud environments.
• Deep knowledge of Microsoft 365 E3/E5 security stack and Hailstone technologies.
• Strong understanding of SIEM, SOAR, threat intelligence, and SOC operations.
• Experience managing BYOD environments and securing distributed branch networks.
• Familiarity with ISO/IEC 27001, ISO/IEC 2000, NIST, and CIS controls.
• Excellent communication, stakeholder engagement, and team leadership skills.
• Technical documentation

*Competencies required: *

• Strong leadership and problem-solving skills.
• Attention to detail
• Decision making
• Leadership
• Attention to detail
• Resilience
• Good verbal and written communication skills
• Time management skills
• Deadline driven

*How to apply: *
Candidates interested must apply here by no later than 30 October 2025 OR browse available PSG Careers vacancies .

By submitting your application, you are giving PSG Financial Services implicit consent to the storage and processing of your personal information. If you are not contacted within 4 weeks of your application, please accept that your application was not successful. For more information about careers at PSG, visit

Company Description

INTERCERT is a multinational company headquartered in Texas, USA, operating in over 28 countries. Founded in 2009, INTERCERT is dedicated to building a secure and sustainable world through customer-centric services. We are accredited by leading organizations, including America's accreditation board under IAF for ISO Certification Services, Cloud Security Alliance for CSA STAR Certification services, AICPA CPA Firm for SOC1 & SOC2 Audit Attestation and CREST accreditation for PEN Testing Services. Our services also encompass CMMC, PCI DSS Certification, and Data Protection compliance for standards such as GDPR, HIPAA, and Cybersecurity frameworks. With a team of over 150 experienced assessors, we deliver global assessment services with a focus on compliance and excellence.

Role Description

This is a full-time, remote working role for an Information Security Analyst in South Africa. The Information Security Analyst will be responsible for day-to-day tasks such as assist with the planning and execution of GRC audits such as ISO 27001, ISO 22301, ISO 27701, SOC2, GDPR etc.

Qualifications

Bachelor's Degree or equivalent focused on Information
Security / Cybersecurity

Experience Level

0-6 months

Roles and Responsibilities

Assist with the planning and execution of GRC audits such as ISO 27001, ISO 22301, ISO 27701, SOC2, GDPR etc.

Help assess the design and effectiveness of internal controls, including business and IT controls.

Prepare reports and documentation for external audits and communicate audit findings and recommendations.

Stay updated on evolving regulatory changes, industry standards, and best practices related to GRC, risk management, and auditing.