Business Information Security Officer

About Discovery 
Discovery’s core purpose is to make people healthier and to enhance and protect their lives. We seek out and invest in exceptional individuals who understand and support our core purpose, and whose own values align with those of Discovery. Our fast-paced and dynamic environment enables smart, self-driven people to be their best. As global thought leaders, Discovery is passionate about innovating in order to not only achieve financial success, but to ignite positive and meaningful change within our society.

About Business Information Security Officer

The Business Information Security Officer (BISO) ensures that the security vision, privacy objectives and strategy is followed by leading the implementation of the Group Wide Security Programme. The BISO works directly with the business senior management team and CIO to facilitate Information Governance and Security, provides guidance and advice on security direction and creates mechanisms to facilitate the management of security risk through appropriate policies, standards and guidelines.

Key Outputs

· Provide input into the Group Information Security Strategy with associated programs and leading these within the respective business unit.

· Engage directly with the CIO and other influential parties to execute the Group and Business Unit Information Security Strategy.

· Regular engagement with the Business stakeholders ensuring that the Information Security Program and Strategy is aligned to business and systems developments.

· Assist in the development of appropriate Information Security Policies, Standards and guidelines that are aligned to business outcomes and needs.

· Identification and assessment of Information Security related risks, identification of controls implemented within the business and co-ordination and reporting of management actions to address shortcomings.

· Assist with appropriate training and awareness programs or initiatives for all staff to inform them of their information security obligations.

· Providing ongoing direction, guidance and support to the business on all information security related matters.

· Regular reporting to and active participation on relevant forums and committees 

Personal Attributes and Skills

· Strong negotiation skills

· Excellent knowledge of technology environments 

· The ability to articulate security in non-technical business impact terms

· Excellent written and oral presentation skills, ability to lead discussions and present complex ideas to all levels within the organization

· Business Writing Skills, Presentation and Facilitation Skills

· Customer Service Orientation, Result Orientation, Negotiation skills

· Personal organisation and time management skills

· Time Management

· Professional Communication (written, verbal/presenting and listening)

· Interpersonal skills - Ability to build relationships with people from all different backgrounds and at different job levels 

Education and Experience

Information Security Qualifications (CISSP, CISM, etc) 

Related Degree / Diploma 

10+ years’ experience in the Information Security field across three or more domains

Working knowledge of and experience with Risk and Compliance

Working knowledge of applicable industry standards, legislations, etc 

EMPLOYMENT EQUITY

The Company’s approved Employment Equity Plan and Targets will be considered as part of the recruitment process. As an Equal Opportunities employer, we actively encourage and welcome people with various disabilities to apply.

EMPLOYMENT EQUITY   
                             
The Company’s approved Employment Equity Plan and Targets will be considered as part of the recruitment process. As an Equal Opportunities employer, we actively encourage and welcome people with various disabilities to apply.