IT Security Assurance Specialist job at Coca-Cola Beverages Africa

Share and send to your friends !

Vacancy title:
IT Security Assurance Specialist

[ Type: FULL TIME , Industry: Manufacturing , Category: Computer & IT ]

Jobs at:

Coca-Cola Beverages Africa

Deadline of this Job:
10 October 2021  

Duty Station:
Within Zambia , Lusaka , South - Central Africa

Date Posted: Sunday, October 03, 2021 , Base Salary: Not Disclosed

Reference Number CCB210930-7
Job Title IT Security Assurance Specialist

Job Description
Coca-Cola Beverages Africa (CCBA) presents an exciting opportunity for an experienced IT Security Assurance Specialist, to join the CCBA Information Technology team. The successful applicant will be reporting into the Governance, Risk and Compliance Manager. This is a senior specialist level position in the IT Risk and Compliance Team, and plays an important role in ensuring the safety of CCBA’s information technology hardware, software, and data by using audits and security assessments to pro-actively identify and address risks in the environment. Coca-Cola Beverages Africa is the largest African Coca-Cola bottler, accounting for 40 percent of all Coca-Cola volumes on the continent. CCBA is a NARTD market leader in Africa. CCBA has an extensive footprint in Africa, employing over 16 000 employees. CCBA vision is to Refresh Africa every day and make the continent a better place for all, growing successfully as business and creating a better shared future for our people, customers, consumers, communities, planet and shareholders. The IT Security Assurance Specialist, provides assurance for confidentiality, integrity, and availability of CCBA’s information and information systems. This employee leads the planning and scheduling of a variety of internal and external security assessments so that the organisation can proactively ensure that any potential risks are identified and addressed. The regular, professional, and efficient co-ordination and management of these security assessments assures business leaders and users that their online environment and data is adequately protected. The IT Security Assurance Specialist establishes relationships between second and third lines of defense that is management and independent assessors. This employee also ensures that all IT continuity and disaster recovery plans, processes and approaches adhere to internal security standards.

Key Duties & Responsibilities
Consulting with senior IT leaders and IT security colleagues to determine the requirements for internal security assessments. Creating an annual plan and schedule of planned internal security assessments. Scheduling the internal security assessments for new and existing key IT systems, processes and technologies including applications, databases, data centres and infrastructure. Developing and performing IT risk assessments on new and existing key IT systems, processes or technologies including applications, databases, data centres and infrastructure. Collaborating with other members of the Governance team to identify providers of independent security assessments and to contract them to deliver the services. Facilitating the scheduled annual audit process, including ensuring that assessments are completed in a timely manner. Facilitating the IT management response process and action plans related to internal and or external audit findings and self-reported risks. Ensuring that remedial actions from security assessments and audit assessments are acted upon in a timely manner. Providing management with timely and accurate report about status and progress of the risk audit process and the remediation thereof. Acting as the IT liaison with enterprise risk and compliance management functions with regards to business continuity management. Defining and developing the CCBA IT disaster recovery plans and ensuring that these plans remain up to date. Ensuring that business impact analysis is periodically performed for every running application in the environment and mapped to required continuity controls. Sharing information on disaster recovery with all relevant stakeholders and ensuring that they are trained and prepared for any disaster. Continuously researching and reading relevant material to understand changes in the broader cyber environment which may result in risk. Contributing to the preparation, review, and implementation and updating of risk and compliance policies, controls, and guidelines. Providing oversight and support on on-going red-team exercises carried out by the Security Operations colleagues for identification of the evolving threat-and-risk landscape. Lead implementation of cyber risks technologies such as honeypots, to closely understand the threats targeting CCBA. Planning milestones for deliverables and deployment and creating a plan that visualise the timeline. Meeting regularly with senior level business stakeholders to identify, agree and understand dynamic changes to their business unit and functional strategies. Meeting regularly with risk management and business continuity colleagues in the rest of the business to discuss and agree organisational integrated risk management and to ensure comprehensive and effective business continuity plans are in place. Preparing and delivering updates and reports as required by executive management and the business. Supporting team members and collaborating by clearly communicating expectations, progress, constraints, and resolutions. Supporting internal improvement initiatives within the IT department to ensure continuous business improvement.

Skills, Experience & Education Qualifications: Bachelors Degree in Computer Science, Information Systems or related Post Graduate qualification in Computer Auditing advantageous Certifications (at least one of the following): CRISC (Certified in Risk and Information Systems Control) CISA (Certified Information Systems Auditor) CISSP (Certified Information Systems Security Professional) CISM (Certified Information Security Manager) Other certifications: COBIT5 Implementation COBIT5 Assessor Certified in Governance, Risk and Compliance (CGRC) Certified in the Governance of Enterprise IT (CGEIT) BCS IT Governance & InfoSec Basis Practitioner Ethical Hacking ITIL V4 Managing Professional Relevant vendor/equipment specific certification Experience 10 to 12 years general work experience with at least 5 years relevant experience in governance, risk, and compliance.

The advert has minimum requirements listed. Management reserves the right to use additional or relevant information as criteria for short-listing.

Job Experience: No Requirements

Work Hours: 8

Level of Education:
Bachelor Degree


Job application procedure
To apply for this job please visit

Contract Lilayi, Zambia Posted 18 hours ago Texila American University is a world Class Affordable Educational Provider. We are a forward-looking, modern university with a proud tradition as a provider…
Details Mission and objectives The United Nations Development Programme (UNDP) is the UN’s global development network, advocating for change and connecting countries to knowledge, experience and resources to help people…
JOB OPPORTUNITY World Vision Zambia (WVZ) Limited is a faith-based Organization dealing with Relief aid, Development, and Advocacy dedicated to working with children, families, and communities to overcome poverty and…