Our client, a listed entity in JHB, has a new position for an Information Security Officer
to manage and assist in performing on-going security monitoring of information systems.
- 8+ years Information security-related work experience
- Information technology degree in the field of computer science or information security
- Knowledge of common information security management frameworks, such as ISO/IEC 27001 and NIST
- Knowledge of patch management, firewalls and intrusion detection/prevention systems (e.g. SCCM)
- Knowledge and experience of Information Security Risk and Security governance. CCNA, CISSP, CISM or related certification is advantageous.
- Knowledge of working with Information security tools (e.g. Firewalls, Antivirus, Network monitoring tools)
- Experience dealing with Information Security Audits
- Provide Cyber Security Guidance across functions and regions.
- Drive remediation activities across the organization's offices
- Extensive experience in Information Technology, with a background in Security and Compliance
- Information Security and controls implementation
- Security advisory
- Professional information security certification.
- Solid knowledge of various information security frameworks.
- Excellent problem-solving and analytical skills
- Provide leadership for the company's information security requirements
- Responsible for Compliance initiatives such as POPI, GDPR and business security requirements.
- Actively ensure appropriate administrative, physical and technical safeguards are in place to protect the company's information assets from internal and external threats
- Meticulously identify, introduce and implement appropriate procedures, including checks and balances, to test these safeguards on a regular basis
- Updating the end user awareness strategy and programme to focus on various target audiences (such as developers, security managers and data stewards). The awareness plan must be built on policy awareness, good security practices and social engineering risks. Conduct classroom-based security awareness sessions and campaigns using an e-learning platform.
- End User Communication and Security Awareness Campaigns and Programs.
- Thoroughly conduct and complete annual reviews and audits as required, engaging both internal business partners across the organisation as well as external resources
- Act as the committed owner of the security incident and vulnerability management processes
- Passionately manage and assist in performing on-going security monitoring of information systems including assessing information security risk through qualitative risk analysis on a regular basis, conducting functional and gap analyses to determine the extent to which key business areas and infrastructure comply with statutory and regulatory requirements
- Evaluating and recommending new information security technologies and countermeasures against threats to information or privacy
- Developing security reports and dashboards and providing regular reports on compliance to the CIO
- Ensure effective staff training programs are in place to increase security awareness across the company
- Work directly with the business units to facilitate risk assessment and risk management processes
- Develop and enhance information security management policies and procedures
- Understand and interact with all departments to ensure the consistent application of policies and standards across all technology projects, systems and services
- Partner with business stakeholders across the company to raise awareness of risk management concerns
Employer & Job Benefits: