Job Description

SUMMARY:
Chief Information Security OfficerPOSITION INFO:Chief Information Security OfficerIntroductionAn international automotive OEM which produces vehicles in 14 countries and delivers them to customers in more than 150 markets worldwide is looking for a suitably qualified & experienced candidates to fill the Chief Information Security Officer (CISO) position in the Infrastructure and Security Department - Information Technology based in Kariega, Eastern CapeJob Role

• The Chief Information Security Officer deals with unique, highly complex business issues and is responsible for establishing an Enterprise Security Stance through policy, architecture and training processes, and by implementing appropriate security solutions in line with company Group standards, policies and guidelines, under the leadership of the Group IS Security Organisation (ISSO).
• The CISO is responsible for delivering, maintaining and measuring the effectiveness of Information Security Management Systems (ISMS).
• The Chief Information Security Officers prepares an organisation to counter existing and emerging threats, is responsible for establishing and communicating best practices for maintaining data security, as well as monitoring the effectiveness of security operations.
• The CISO is also responsible for protecting the organisation''s data and intellectual property, including maintaining best practices and designing effective policies to handle breaches and other disasters.

Key Responsibilities

• The CISO is responsible and accountable for achieving the information security objectives within the defined scope of the legal entity by operationally running the ISMS.
• Maintaining and measuring the effectiveness of the ISMS.
• Implement processes to identify IT risks, recommend appropriate responses, and lead on validation of the effectiveness of controls to reduce the companys risk and vulnerability.
• Act as security expert, support, and provide guidance to key internal and external stakeholders (IS, internal audit, the Brands, Group Functions, 3rd party partners) to ensure that all security matters are understood and managed.
• Implement, chair and lead to setup Application Panel processes, for reviewing and analysing business led internet and local initiatives to ensure compliance, risk and security topics are fully considered.
• Overall responsible and accountable for vulnerability management.
• Ensure regular penetration testing and vulnerability scanning is in place and continuously assess the effectiveness of controls and measures to reduce the attack surface of the organisation.
• Provide significant input into contract management processes to ensure that external Consultants, Outsourcing Partners, and 3rd party suppliers conform to Group security policies and guidelines.
• Lead on the development of relevant security policies and guidelines, and to ensure that appropriate training and awareness campaigns is delivered to the business in order to develop a better understanding of cyber security.
• Keep up to date with Group security initiatives, and industry security issues, trends and technologies in order to identify and propose improved security solutions that meet business requirements.
• Follow the IS Risk Management process with regards to function/departmental risks, ensuring alignment with SA company and Group approaches.
• Advise and support the Risk Acceptance process for highly complex projects/activities that cannot fully comply with policy
• Perform the role of PISO (Production Information Security Officer) ensuring effective security controls are implemented and maintained within the shopfloor environment.
• Oversee the implementation of an Industrial Cyber Security program to improve the security maturity level with the shopfloor environment.
• Perform the Role of SO (Security Officer) vehicle manufacturing ensuring security measures and controls are in place within our products.
• Identify IT risks/threats and highlight and recommend security measures.
• Oversee IT security policy and administration as well as all IT security decisions.
• Validate the effectiveness of IT security measures.
• Support management regarding questions in terms of IT security.
• Maintain contacts with local IT security expert agencies and keep abreast of local developments in the IT security field.
• Oversee the investigation and remediation of security breaches and incidents.
• Co-ordinate independent and group security audits

Minimum qualifications and experience requirements

• 3 year IT (or related) Qualification - Degree or National Diploma

CISSP andor other advanced security relevant certification * 4 - 8 years business systems experience as a Senior Information Security Officer

• Thorough understanding of general business processes and/or core processes
• Project Leadership (medium to large)
• Good knowledge of the corresponding system environment in the Manufacturing Industry and that of suitable market leader products
• Good knowledge of I.S. resources and financial management

Note:Please ensure that you submit a copy of your CV and Qualifications to be considered for this position. Applications must be submitted by no later than 10th February 2025 to

ExecutivePlacements.com