Information Security Management System (ISMS) Manager - Johannesburg (Hybrid) - R40 000 - R45 000
Lead the organisation's information security governance, enterprise risk management, and regulatory compliance activities within a highly regulated environment.
About Our Client
The organisation operates within a highly regulated sports betting environment or a similarly stringent digital transaction environment. The business focuses on effectively managing security, risk, and compliance obligations across multiple international jurisdictions.
The Role: Information Security Management System (ISMS) Manager
The purpose of the role is to lead the organisation's information security governance, enterprise risk management, and regulatory compliance activities within a highly regulated environment. The main focus areas are establishing, maintaining, and continuously improving the organisation's ISO 27001-aligned Information Security Management System, while providing strategic oversight of cyber risk, operational risk, and control effectiveness.
Key Responsibilities
- Draw on 5-8 years of experience within a sports betting or similarly stringent digital transaction environment while leading the design, implementation, and continuous enhancement of the organisation's Enterprise Risk Management framework in alignment with ISO 31000 and business strategy.
- Own the enterprise-wide risk management process, ensuring risks are identified, assessed, prioritised, mitigated, monitored, and reported effectively across all business functions.
- Maintain management oversight of compliance with standards and regulations including POPIA, GDPR, and UKGC requirements.
- Coordinate regulatory and certification audits across internal teams, external service providers, and international stakeholders.
- Chair and facilitate risk assessment workshops with business and technical stakeholders, driving accountability for risk ownership and treatment actions.
- Prepare and present clear, concise, and data-driven reports to executive management and the Audit and Risk Committee on risk exposure, audit outcomes, security maturity, and remediation status.
- Build and maintain strong cross-functional relationships with Technology, Product, Operations, Legal, Compliance, and executive leadership to embed risk-aware decision-making.
- 5-8 years' experience within a sports betting or similarly stringent digital transaction environment.
- Tertiary qualification (bachelor's degree or higher) in Information Technology, Cyber Security, Risk Management, or a cognate discipline.
- Hold professional certifications such as Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), or ISO 27001 Lead Implementer/Auditor.
- Demonstrate excellent comprehension of international compliance frameworks and the operational mechanics within the industry.
- Possess exceptional analytical acumen and the capacity to articulate complex technical and risk-related paradigms to non-technical stakeholders.