Head, Information Security
- Full-time
- Business Segment: Personal & Private Banking
Company Description
Standard Bank Group is a leading Africa-focused financial services group, and an innovative player on the global stage, that offers a variety of career-enhancing opportunities – plus the chance to work alongside some of the sector’s most talented, motivated professionals. Our clients range from individuals, to businesses of all sizes, high net worth families and large multinational corporates and institutions. We’re passionate about creating growth in Africa. Bringing true, meaningful value to our clients and the communities we serve and creating a real sense of purpose for you.
Job Description
The Head of Information Security is expected to define and execute the enterprise‑wide security vision, ensuring compliance with regulatory requirements, and embedding a culture of security across all operations. Acting as both a guardian and a strategic partner, the incumbent balances technical expertise with strategic insight to safeguard resilience, enable digital transformation, and maintain trust with stakeholders.
Qualifications
Type of Qualification: Bachelor's degree
Field of Study: Business/Commerce, Computer Science, Information Technology, or related field
Type of Qualification: Post Graduate Degree
Field of Study: Information Technology, Cybersecurity, Risk Management, or related discipline (preferred).
Certifications:
- CISSP (Certified Information Systems Security Professional)
- CISM (Certified Information Security Manager)
- CISA (Certified Information Systems Auditor)
- CRISC (Certified in Risk and Information Systems Control)
- ISO 27001 Lead Implementer / Lead Auditor
Experience Required
5-7 years: Experience in implementation and management of information security policies and frameworks within corporate environments. Experience in governance reporting, assurance, and recommendations. Assessing and validating risk assessments and adherence to technology standards. Familiarity with international frameworks (ISO 27001, NIST, PCI DSS).
5-7 years: Experience in identifying, mitigating, and tracking risks, including country-specific regulatory requirements. Strong knowledge of financial regulations (RBZ, Basel III, GDPR, POPIA). Experience in reporting findings and ensuring compliance with statutory requirements.
5-7 years: Strong IT understanding with exposure to digital and platform operating models. Awareness of cybersecurity trends, solutions, and emerging technologies (cloud, AI, blockchain). Ability to assess technology risks and align with business strategy.
5-7 years: Experience engaging with senior executives and diverse stakeholders. Proven ability to lead multicultural teams and drive organizational change. Strong communication and influence skills at board/executive level.
5-7 years: Direct experience in information security or audit roles within banking/financial services. Understanding of financial risk management and assurance processes. Exposure to digital banking platforms and fintech ecosystems.
8-10 years: Experience working in multi-vendor, outsourced, and multi-system IT environments. IT portfolio delivery planning, investment control, and risk identification. Oversight of statutory reporting, software/hardware license management, and IT governance.
8-10 years: Proven ability to lead incident response, crisis management, and disaster recovery planning. Experience in developing and testing business continuity and resilience frameworks.
8-10 years: Broad business and finance experience, specifically within the banking sector. Ability to align cybersecurity strategy with organizational goals. Strong commercial awareness and understanding of cost-benefit analysis in IT investments.
Additional Information
Behavioural Competencies:
- Adopting Practical Approaches
- Articulating Information
- Checking Things
- Directing People
- Examining Information
- Exploring Possibilities
- Interpreting Data
- Making Decisions
- Providing Insights
- Pursuing Goals
- Showing Composure
- Upholding Standards
- Strategic leadership: Ability to influence executives and align security with business growth.
Technical Competencies:
- Compliance Audit
- Information Security
- IT Risk Management
- Knowledge of Banking & Financial Service
- Risk Management
- Stakeholder Management (IT)
- Balanced expertise: Technical depth in cybersecurity + leadership in banking.
- Regulatory focus: Compliance with both local (RBZ) and international standards.