Exxaro Grootegeluk is looking for a dynamic Cyber Security Specialist (CSS) to join the Information
Management team to asset the business in executing the digitalization strategy while mitigating
risk. The successful candidate is expected to have an in-depth knowledge of IT, from the end-user
to the perimeter of the local environment. The CSS should keep abreast with trending, internal
and external threats, risks, vulnerabilities, etc in both the Information Technology and Operational
Technology environments.


  • Bachelor’s degree in Computer Science
  • Certified Chief Information Security Officer or related qualification
  • A minimum of 10 years’ experience in Information technology (Security Management
    will be of advantage)
  • Familiarity with hacking and anti-hacking software
    The candidate should display an in-depth knowledge of Cyber Security with on-hand experience


  • To carry out technical vulnerability assessments of IT systems and processes, identifying
    potential vulnerabilities, to make recommendations to control any risks identified and to
    ensure they are implemented.
  • To respond rapidly and effectively to IT security incidents, managing them in a
    professional manner including computer forensics for evidence gathering and preservation.
  • To be responsible for the coordination of regular Information Security Reviews by
    conducting assessments systems, processes, and infrastructure and making
    recommendations to minimize the risks identified.
  • To work with the governance team and provide input to ensure that policies and
    procedures for Information Security are effective are adhered to. To be proactive in
    making recommendations for updates to policies & procedures as required.
  • To provide high-quality Information Security guidance documentation and training.
  • To lead and advice on best practices to service managers, domain architects, and staff at all
  • To provide high-quality guidance and assistance to departmental staff in projects with
    challenging information security requirements. Provide recommendations and
    suggestions to internal project teams of industry best practices related to cybersecurity
    policies and procedures, business continuity, change management, risk identification, and
    risk mitigation.
  • Support the development of policy white papers and briefings to keep Management,
    customers, and colleagues abreast with relevant, emerging policies and guidance.
  • Draft correspondence about Cyber Security training, guidance, strategic Information
    Technology plans and updates.
  • To be the definitive point of contact for all employee and contractors to Exxaro, seeking
    advice on information security.
  • To oversee the information security risks register and carry out actions to mitigate risks

  • To liaise with external partners and security agencies where required and ensure that any
    information requested from within the company is provided on a timely and secure basis,
    with the respective agreements in place.

  • To work a (virtual) Information Security team spanning other Exxaro business units.
  • To keep up to date with security trends, threats, and control measures, to be an active
    member of the Information security manager communities.
  • To maintain existing security tools and technologies. Planning and implementing new
  • Plan and execute information security penetration testing, auditing, and post-incident
    analysis for new and existing applications/technologies, with consistent improvement.
  • To develop and maintain an excellent working relationship with Exxaro’s Centre of
    Excellence in Cyber Security.
  • To maintain high levels of professional conduct, including but not limited to: co-operative
    engagement in tasks set; the exercising of an initiative to suggest, through line managers,
    improvements to the service provided; and clear and professional styles of
    communication at all times.
  • To manage other activities that may arise through evolution, growth or restructuring.
  • Such duties appropriate to the grade, as may be directed by the Information Manager
    and, or nominated representative.

Desired Skills:

  • Cyber Security
  • Certified Chief Information Security Officer
  • Security Management

Learn more/Apply for this position