Chief Information Security Officer

We are looking for a seasoned ChiefInformation Security Officer (CISO) to lead enterprise-wide cyber security efforts. In this strategic leadership role, you will be responsible for driving the Group’s information security strategy, ensuring the protection of AVBOB’s digital assets, systems, and data. You will play a critical part in upholding regulatory compliance, managing cyber risk, and strengthening our reputation as a trusted service provider.
You will be working for a company that is over 100 years old with strong values. In return for your services, you will be paid a competitive remuneration package. You will be working for an organisation that values employee development and rewards excellent performance.
Responsibilities include:

• Develop and execute companies' information security strategy aligned with business goals and digital innovation.

• Serve as a trusted advisor to executives, balancing innovation and cyber risk.

• Drive secure adoption of technologies including cloud, AI, and data analytics.

• Identify and mitigate cybersecurity threats (e.g., ransomware, data breaches, insider threats).

• Lead security assessments, technology deployments, and compliance audits.

• Collaborate with ICT, PMO, and Group Risk to manage enterprise-wide security initiatives.

• Ensure compliance with POPIA, GDPR, ISO 27001, and industry standards (NIST, PCI-DSS, CIS).

• Minimise legal, reputational, and financial risk through proactive governance.

• Develop and enforce the companies Cyber Incident Response Plan (CIRP).

• Oversee disaster recovery and continuity planning.

• Lead security audits, assessments, and real-time threat investigations.

• Implement training programs to build cybersecurity awareness across all departments.

• Foster a culture of shared responsibility and high performance within the security function.

• Degree in Information Technology, Business Administration, or related field.

• 7+ years of experience in cybersecurity, risk management, and IT leadership.

• 5–7 years in a senior information security management role.

• Professional Certifications: CISSP, CISM, CISA, CCSP, or equivalent.

• Deep understanding of security frameworks: ISO 27001, PCI-DSS, NIST, SSAE 18.

• Experience in financial services or insurance industries.

• Strong background in security tools and technologies (IAM, IDS/IPS, DLP, etc.).

• Ability to lead complex projects in a matrixed, multi-stakeholder environment.

• Proven experience in vendor and contract security negotiations.

• Strong leadership, communication, and analytical skills.

• Strategic and innovative thinking

• Leadership and influence

• Risk and compliance acumen

• Project and resource management

• Exceptional stakeholder communication

• Report writing and dashboard presentation

• Coaching and mentoring for performance