MANAGER : IT SECURITY

To manage and oversee all security components impacting the information technology environment.

POSITION INFO : Your :

Formal Education :

• A degree in Computer Science, Information Technology, Cyber security or related field
• Any of the following certifications is advantageous: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), CompTIA Security+, Certified Cloud Security Professional (CCSP), Certified Information Systems Auditor (CISA)

Experience :

• Minimum of 6 years’ experience in IT Security Management
• Minimum of 6 years’ experience working with advanced security management applications and tools (including, but not limited to XDR / EDR tools, firewalls, ZTNA technologies, DLP tools, SIEM’s, identity and access management tools, etc.)

Critical Competencies Knowledge :

• Sound understanding of IT governance framework
• Sound knowledge of relevant Legislations and Security / Governance standards
• Knowledge of common IT Infrastructure management frameworks and relevant industry certifications.
• Experience in the financial services industry will be advantageous
• Principles of sound English and Afrikaans

will enable you to : Security :

• Responsible for the planning, motivation and management of the organisation’s execution of a suitable cyber security operational strategy, taking into account regulatory, legal and business requirements.
• Lead the response to security incidents, including investigation, containment, mitigation, and recovery efforts.
• Manage and ensure the consistent implementation of cyber security operational strategy. Provide regular reporting on the status of the environment to management.
• Ensure a cost-effective and efficient service that meets the organisations requirements.
• Provides technical leadership for the IT infrastructure as well as interface with business units.
• Develop and implement adequate and appropriate controls to minimise risk and provide assurance to management and external role players.
• Maintains and controls all the routine areas, including regular vulnerability, penetration testing and disaster recovery plan testing. Ensure accurate recording of results and reports to management.
• Manages key resources and assigns tasks.
• Conduct research and provide recommendations to GCIO to ensure security is maintained or improved.
• Together with the IT Operations Manager, manage service provider / partner with regard to the maintenance of the security environment.
• Maintain a register of all certificates, secrets and security keys. Ensure this register is kept up to date.
• Together with Group Risk Manager: Assesses and records risk findings and recommends appropriate mitigating controls and manages risk remediation efforts. Manage and provide relevant information to external parties with regards to cyber security insurance.
• Develop, implement and maintain appropriate company policies relevant to the IT security area.

People and Processes :

• Plan and conduct user awareness training.
• Develop user guidelines and best practice articles. Promote these to users.
• Conduct internal audit processes to ensure compliance to policies and procedures.

Budget and Financial Controls :

• Assist with compiling budgets as required. Obtain management approval and sign-off before implementation. Liaise with to ensure adherence to financial framework.
• Strict monitoring and control of budgets and costs of all service providers, internal functions and support services.
• Report back on actual vs budgeted costs.
• Regular feedback on financial performance as agreed from time to time.

Staff :

• Perform all performance evaluations of subordinates.
• Identify needs for recruiting, training & coaching of employees and communicate job expectations and provide input to GCIO.
• Implement agreed personal development plans and ensure regular training and skills development takes place.