Imperial is an African focused provider of integrated market access and logistics solutions. With a focus on the following key industries – healthcare, consumer, automotive, chemicals, industrial and commodities – we take our clients’ and principals’ products to some of the fastest growing and most challenging markets in the world. As a leading global logistics provider, we seek out and leverage new technology to deliver innovative, end-to-end solutions. Through our significant African footprint and international expertise, and with the support of our 25,000 people, Imperial’s purpose is to connect Africa and the world – and to improve people’s lives with access to quality products and services. Imperial became a wholly owned business of DP World in March 2022. For more information: [URL Removed]
- Imperials Logistics Africa business, is the leading logistics supplier in South Africa, and one of the largest on the African continent, providing Contract Logistics, Road Freight and Lead Logistics Provider solutions.
- Imperial Logistics International business, has its headquarters in Duisburg, Germany and is responsible for all Group logistics activities (including Contract Logistics and Freight) outside of Africa.
- Imperial’s Market Access business builds complex route-to market solutions that provide principals access to patients and consumers across Africa through comprehensive channel strategies that integrate sourcing, sales, demand generation, distribution, marketing and promotions.
Job Purpose
- To specify, implement and manage information security controls across the Imperial Logistics landscape CIC/CB
Job Outputs
- The primary responsibilities of this role include:
- Working with the Executive: Digital and IT Security to
- Identify suitable information security controls for the Imperial environment
- Implement these controls, either through direct action or by liaising with IT operational teams
- Monitor the success of these implementations and remediate as necessary
- Monitoring security events on an ongoing basis, responding and remediating
- Contributing to project teams by providing information security guidance on system designs and processes, and testing solutions when required
- Contribute to technology selections by defining information security requirements, evaluating vendor responses and providing recommendations for technology selections
- Liaise with the Architecture Team as required to establish an approved information security architecture
Liaise with stakeholders as required to address information security queries and issues that may arise - Collaborate with the Privacy Office to implement confidentiality controls
- Provide summaries and reports to the CISO, risk forums, EXCO and audit as required
- Manage or participate in the management of security incidents that may arise
- Project manage and participate in the remediation activities identified during assessments, penetration tests or breaches
- Represent Imperial Information Security Office to internal and external stakeholders as required.
- Perform forensic analysis of security incidents where required
Minimum Qualifications
- Professional certification, such as a CISSP, CISM, CISA or other information security credentials, is preferred.
Minimum Experience
- Minimum of three to five years experience in a combination of risk management, information security or IT jobs.
- Excellent written and verbal communication skills; interpersonal and collaborative skills; and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.
- Must be a critical thinker with strong problem-solving skills.
- Knowledge of technological trends and developments in the area of information security and risk management.
- Project management skills: scheduling and resource management.
- Proficient with personal computers; experience with productivity software, such as Windows, Microsoft Office software and so forth.
- Experience with contract and vendor negotiations.
High level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity. - High degree of initiative, dependability and ability to work with little supervision.
- Sufficient knowledge to propose relevant IT responses to changing information security and regulatory risks.
Behavioural Competencies
- Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals.
- Ability to understand and respond to operational security risks
- Proven ability to communicate with people at all levels – from developers to the board of directors
- Excellent writing for business cases and responding to senior executives and auditors
Technical competencies
- Knowledge of security and control frameworks, such as ISO:IEC 27001/2, SABSA, COBIT, and ITIL.
- Familiarity with key information security technologies, including:
o Anti-Malware solutions, including EDR, MDR and XDR
o Perimeter defense technologies, including DMZs, Firewalls, Proxies and Gateways
o Assessment mechanisms, including vulnerability scanning, penetration testing, and configuration reviews
o E Mail security, including header analysis, DMARC and SPF
o Multi factor Authentication
o The appropriate use of relevant technical security standards such as WPA, OWASP and TLS
o The implementation, use and limitations of encryption technologies
o The implementation, use and limitations of key information security technologies such as DLP, SIEM and CASB - Familiarity with attack vectors as described within the MITRE framework, including Phishing and variants,malware, XSS, SQL Injection, password spray attacks and others
We are committed to Employment Equity when recruiting and as such preference will be given to candidates who fall within our equity targets. Should you not have received a response within 4 weeks of the closing date of this advert, please consider your application unsuccessful.
Desired Skills:
- CISSP
- CISM
- CISA or other information security credentials
- information security or IT jobs. – Excellent written and verbal communication skills
- interpersonal and collaborative skills
- experience with productivity software
- Project Management
- Microsoft Office
- vendor
- interpersonal skills.
- Customer Relations
- Initiative
Desired Work Experience:
- 2 to 5 years Systems / Network Administration
Desired Qualification Level:
- Certificate