Job Description

Your:Formal Education:

• A degree in Computer Science, Information Technology, Cyber security or related field
• Any of the following certifications is advantageous

• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• CompTIA Security+
• Certified Cloud Security Professional (CCSP)
• Certified Information Systems Auditor (CISA)

Experience:

• Minimum of 6 years experience in IT Security Management
• Minimum of 6 years experience working with advanced security management applications and tools (including, but not limited to XDR/EDR tools, firewalls, ZTNA technologies, DLP tools, SIEMs, identity and access management tools etc.)

Critical Competencies Knowledge:

• Sound understanding of IT governance framework
• Sound knowledge of relevant Legislations and Security/Governance standards
• Knowledge of common IT Infrastructure management frameworks and relevant industry certifications.
• Experience in the financial services industry will be advantageous
• Principles of sound English and Afrikaans

will enable you to:Security:

• Responsible for the planning, motivation and management of the organisations execution of a suitable cyber security operational strategy, taking into account regulatory, legal and business requirements.
• Lead the response to security incidents, including investigation, containment, mitigation, and recovery efforts.
• Manage and ensure the consistent implementation of cyber security operational strategy. Provide regular reporting on the status of the environment to management.
• Ensure a cost-effective and efficient service that meets the organisations requirements.
• Provides technical leadership for the IT infrastructure as well as interface with business units.
• Develop and implement adequate and appropriate controls to minimise risk and provide assurance to management and external role players.
• Maintains and controls all the routine areas, including regular vulnerability, penetration testing and disaster recovery plan testing. Ensure accurate recording of results and reports to management.
• Manages key resources and assigns tasks.
• Conduct research and provide recommendations to GCIO to ensure security is maintained or improved.
• Together with the IT Operations Manager, manage service provider/partner with regard to the maintenance of the security environment.
• Maintain a register of all certificates, secrets and security keys. Ensure this register is kept up to date.
• Together with Group Risk Manager:

• Assesses and records risk findings () and recommends appropriate mitigating controls and manages risk remediation efforts.
• Manage and provide relevant information to external parties with regards to cyber security insurance.
• Develop, implement and maintain appropriate company policies relevant to the IT security area.

People and Processes:

• Plan and conduct user awareness training.
• Develop user guidelines and best practice articles. Promote these to users.
• Conduct internal audit processes to ensure compliance to policies and procedures.

Budget and Financial Controls:

• Assist with compiling budgets as required

• Obtain management approval and sign-off before implementation
• Liaise with finance to ensure adherence to financial framework
• Strict monitoring and control of budgets and costs of all service providers, internal functions and support services
• Report back on actual vs budgeted costs
• Regular feedback on financial performance as agreed from time to time

Staff

• Perform all performance evaluations of subordinates
• Identify needs for recruiting, training & coaching of employees and communicate job expectations and provide input to GCIO
• Implement agreed personal development plans and ensure regular training and skills development takes place.

ExecutivePlacements.com