Purpose: To develop, implement and manage a Cybersecurity strategy and program in order to minimise risk and ensure compliance. The effectiveness of the program has to be reviewed on a regular basis.
Requirements
- Nationality: South African citizen or permanent resident with valid SA ID
- Minimum of 8+ years’ experience in leading the engagement of IT security consulting projects is essential.
- 8+ years Cybersecurity experience.
- 8 + Experience in development of IS Security Strategies and Frameworks, policies, procedures and guidelines.
- 8 years’ Experience in leading matrix reports.
- 8 years’ Experience managing and motivating multiple direct reports.
- 8 years Information Systems Risk and audit experience.
- Tertiary qualification in Information Systems or Engineering (BSc IT, Bcom IT, Diploma IT).
- General programming/software development concepts and software analytical skills.
- Deep understanding and practical experience of IT Infrastructure and networks.
- Deep understanding and practical experience around physical perimeter security.
- Strong comprehension and knowledge of IT Security, Risk, and Compliance management methodologies (ISO 27000 series, COBIT 5, ITIL, ITSCM, ISMS, CISSP, CISM etc.)
- Experience in using IT security products to conduct penetration tests, vulnerability scan, source code review, as well as using e-Governance or SOC (Security Operation Centre) platform.
- Risk Assessment models and frameworks – COSO, ITIL, ISO/IEC 27002, COBIT, and OCTAVE.
- Experience with hackers and hacking.
Objectives:
- IT security strategic management.
- Creating and being responsible for the implementation of cybersecurity strategy, including a cybersecurity framework and associated controls, policies and procedures to manage risk and ensure compliance
- Monitor and report on status of compliance to the framework and assess effectiveness.
- Build Relationships and facilitate with business units, service providers and regulatory bodies to effectively manage cyber risks.
- Build Relationships with internal business units and ensure co-ordination with business objectives, specifically in projects and high impact changes.
- Manage Service providers (including Cloud providers) in line with Cyber risks and compliance requirements.
- Manage Cyber security projects effectively.
- Assist IT and software factory teams with security requirements and measure the effectiveness of the implementation.
- To be a focal point for all Client security projects.
- To ensure that security operational tasks are performed and measured and that a cyber-Incident response process is implemented and managed.
- Align Operational tasks to the framework and to risk and compliance requirements.
- Implement and manage a Cyber incident response function and Measure the effectiveness of the operational tasks, identify areas of concern and put in place corrective measures.
- To develop a comprehensive program where education and awareness requirements are identified.
- Threat modelling, security architecture, authentication technologies.
- Implement the programme and monitor its effectiveness.
- Assign tasks and manage workload.
- ISO27001 process, procedure maintenance and certification.
- Security patch management review and implementation.
- Completing security sections of TADs, RFIs and RFPs.
- Plan, manage and run with external vendor and customer security audits.
Desired Skills:
- IT Security
- Information Security
- Risk Management
- Compliance Management
- SOC
- Security Operation Centre
- Risk Management Methodologies
- Compliance Management Methodologies
- Security Management
Desired Work Experience:
- 5 to 10 years
About The Employer:
Formed in South Africa over 20 years ago, specialising in major financial system infrastructure development. Key player in the Central Banking space with over 9000 employees in 60 offices globally.
Employer & Job Benefits:
- Provident Fund
- Medical Aid