Job Description

To shape, design and manage the implementation of the Groups information security strategy, plans, governance framework, policies, principles, standards and protocols to enable the organization to respond to evolving cybersecurity threats and potential incidents proactively and to safeguard the organizations information technology assets and data whilst maintaining the organizations integrity.Responsibilities

• Assess IT security needs, align cyber security initiatives with business objectives, and develop the organizations information security strategy and roadmap.
• Accountable for the organizations information security systems and networks built to protect against cyber-attacks, intrusions, malware and data breaches.
• Establish and enforce information security governance, policies, and compliance aligned to industry regulations and standards, ensuring continuous improvement through regular reviews and audits.
• Maintain and improve information security incident response plans. Lead and coordinate the response to security incidents.
• Perform information security risk assessments and oversee findings to closure.
• Define, manage, and integrate new and existing security controls into IT infrastructure, leverage technologies and solutions e.g. EDR, PAM, DSPM, CASB, DLP, etc. to ensure a well-controlled and standardized IT security environment and oversee continuous security improvement.
• Oversee monitoring and analysis of cyber threat intelligence, evaluate security tools, and present functional reports to influence decision-making and compliance.
• Lead information security and access management teams, maintain and drive maturity of identity access governance platform.
• Coordinate security awareness and training programs, recruit and develop staff, set performance management plans, and ensure the team has the necessary skills and resources.
• Keep abreast of the latest cyber security research, local and global threats and assess potential impact on the business to ensure continuous improvement of the organizations cyber security posture.
• Manage vendor relationships and financial resources, take responsibility for IT security budget and cost control, and drive cost-effective measures to achieve strategic objectives.

Qualifications

• Degree in Information Technology / Systems Engineering / Computer Science or a relevant equivalent qualification.
• Certification such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Manager (CISM).

Skills and Experience

• 5-7 years (Diploma) or 4-6 years (Degree) of experience in the IT environment, with 2 years or more in a management role
• Strong technical knowledge of enterprise IT systems and architecture.
• Strong technical understanding of maintenance and support of IT information security systems.
• Strong knowledge of IT governance and cyber security practices.
• Strong knowledge and understanding of risk and compliance management.
• Knowledge of the regulatory requirements such as Data Privacy and Protection of Personal Information Act (POPIA) and information security frameworks e.g. PCI DSS, NIST, ISO27001

Job-Related Skills

• Excellent written and verbal communication skills
• Ability to manage ambiguity/ complexity
• Able to cultivate innovation
• Ability to collaborate cross-functionally
• Ability to establish and maintain strong relationships with stakeholders at different levels
• IT Strategy, Planning and Governance
• Cyber Security Management
• IT Risk Management
• IT Control Monitoring
• Data Protection
• Information Security

Job-Related Competencies

• Leading and Supervising
• Delivering Results and Meeting Customer Expectations
• Relating and Networking
• Applying Expertise and Technology
• Adapting and responding to change
• Deciding and Initiating Action
• Presenting and Communicating Information

Recru-IT