Manager, Information Risk & Business Resilience

Company Description

Standard Bank Group is a leading Africa-focused financial services group, and an innovative player on the global stage, that offers a variety of career-enhancing opportunities – plus the chance to work alongside some of the sector’s most talented, motivated professionals. Our clients range from individuals, to businesses of all sizes, high net worth families and large multinational corporates and institutions. We’re passionate about creating growth in Africa. Bringing true, meaningful value to our clients and the communities we serve and creating a real sense of purpose for you.

Provide specialist advisory and leadership across the Group in implementing and managing the Information Risk and Business Resilience Frameworks. Ensures all business units are equipped to identify, mitigate, and treat information and technology service continuity risks in alignment with ethical, regulatory, and strategic standards.

• A degree in Information Technology or Risk Management (Required).

• 3-4 years experience in defending information from the risk of accidental or intentional unauthorized use, access, modification, disclosure, dissemination or destruction of information resources, which would compromise the confidentiality, integrity and availability of information which would potentially harm the business. Experience in analysing the risk posture on other related non-financial risks such as Cyber Risk, Technology Risk, Third Party Risks, Regulatory Compliance Risk, Legal Risk.
• 3-4 years experience and exposure to the delivery of the Business Continuity lifecycle (i.e. impact analysis, recovery strategy formulation, plan development, testing and exercising and governance and awareness related activities), engaging multiple stakeholders across the bank to fulfil value-chain and business line requirements for the business resilience (BR) programme.
• 3–4 years in information security and non-financial risk domains.
• 3–4 years in business continuity lifecycle delivery and/ or
• 3–4 years in Service Management delivery

• Lead Group-wide risk assessments, reporting, and remediation efforts.
• Drive information risk and business disruption awareness, training, and stakeholder engagement.
• Coordinate with Client Segments, Group Technology Functions, and Corporate Functions. Eg. BR Coordinator, DR Coordinator, Backup & Restore Coordinator
• Manage incident response planning, breach investigations and reporting and develop and execute fit-for-purpose technology resilience programmes.
• Maintain the relevance of Standards, Playbooks and operational guidelines like Runbook templates.
• Engage with external vendors (like SaaS Providers) and regulators, as/ when required by accountable officers of the bank.
• Monitor and report on technology resilience metrics to governance forums.

• Adopting Practical Approaches
• Articulating Information
• Challenging Ideas
• Conveying Self-Confidence
• Developing Expertise
• Documenting Facts
• Establishing Rapport
• Examining Information
• Following Procedures
• Interacting with People
• Managing Tasks
• Pursuing Goals

• Evaluating Risk Management Effectiveness
• Information Security
• Information Security Management
• Risk Acceptance
• Risk Identification
• Risk Response Strategy