CYBER SECURITY & GRC SPECIALIST – Fsg Limited

FSG Limited is Botswana's leading provider of financial and care solutions with 23 branches across Botswana and with significant presence in South Africa, and Zambia. Applications are invited from qualified Botswana citizens for the position of Cyber Security & GRC Specialist tenable at Gaborone. The Cybersecurity & GRC Specialist is a hybrid technical and governance role responsible for implementing, maintaining, and monitoring cybersecurity controls, policies, and compliance frameworks across FSG's multi-country infrastructure. The incumbent ensures the security, integrity, and regulatory compliance of IT systems while supporting risk management, audit activities, and security awareness initiatives. Key Responsibilities Monitor security alerts, logs, and SIEM tools for potential threats and anomalies. Conduct vulnerability assessments and coordinate remediation efforts. Assist in incident response activities, including investigation and documentation. Implement and manage security tools (firewalls, EDR, IDS/IPS, IAM). Develop, implement, and maintain cybersecurity policies, standards, and procedures. Conduct IT risk assessments and maintain the risk register. Ensure compliance with relevant regulations (Data Protection Acts, PCI DSS, ISO 27001). Support internal and external audits, including evidence gathering and remediation tracking. Assist in the design and implementation of secure infrastructure solutions. Review and assess security configurations of servers, networks, cloud platforms, and endpoints. Recommend and implement security enhancements across on-premises and cloud environments. Assess and monitor security posture of third-party vendors and service providers. Review contracts and SLAs for security and compliance requirements. Conduct periodic security reviews of critical suppliers. Requirements Qualified Botswana citizens. Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field. Minimum 5 years of experience in cybersecurity roles with exposure to GRC, risk management, or security operations. Hands-on experience with: Security frameworks (NIST, ISO 27001, CIS Controls) Hands-on experience with: Security tools (SIEM, vulnerability scanners, firewalls, EDR) Hands-on experience with: Cloud security (Azure/AWS) Hands-on experience with: Risk assessment methodologies Understanding of regulatory requirements relevant to Botswana, Zambia, and South Africa. Willingness to travel occasionally (up to 10%) across operating countries if required. Professional certifications: CISSP, CISM, CRISC, ISO 27001 LA, Security+, or equivalent. Experience in financial services or Insurance setup, group holding companies, or multi-national organizations. Knowledge of IT infrastructure components (networking, servers, cloud). Scripting or automation skills (PowerShell, Python) for security tasks. Analytical & Detail-Oriented: Strong ability to assess risks, analyse security events, and maintain accurate documentation