Job Description

Our client is seeking a Information Security Lead who would be responsible for developing and managing Information Systems cyber security, including disaster recovery, database protection and software development. Develop and deliver Information Security standards, best practices, architecture and systems to ensure information system security across the company is South Africa.

Responsibilities:

Operational

• Ensure that all policies developed are in line with contractual, legislative and industry best practice
• Ensure that all policy exceptions are documented and tracked through their risk life cycle
• Drive implementation and policy compliance across all business units
• Create and rollout an awareness program
• Define and measure metrics to ensure awareness programs are effective
• Establish and implement an information security risk management framework
• Manage and maintain an information security risk register that document, evaluates, and tracks all information security risks and feeds into the organisational risk register
• Oversee, identify, and manage all related operational costs in accordance with financial policies, procedures, processes, prescribed schedule of payments, procurement and subcontractor management policies and procedures
• Establish and maintain appropriate internal controls and reporting systems to meet performance expectations
• Ensure operating efficiencies through enhanced resource management and budget control

Key Service area

• Ensure that there are regular information security audits and penetration testing on various levels of application, database, policy etc
• Ensure that all contracted security requirements are fulfilled
• Control the management of organisational risks through monitoring and reporting mechanisms
• Review the Business Continuity and Disaster Recovery plans annually to ensure all tasks are correctly assigned and are implementable by designated personnel
• Monitor compliance of organisational policies and procedures and adherence to all statutory and regulatory requirements prescribed for overall corporate governance

Reporting

• Compile and submit reports on policy compliance levels per business unit
• Compile and submit Information Security Management report to SSC
• Compile and submit report information security risks and remediation plans

People Management

• Manage employees directly under supervision and to maintain effective utilisation and discipline required to achieve business objectives
• Create an enabling environment that facilitates effective performance by direct reports and instilling behaviour that supports the organisational values
• Provide access to skills development and capacity building opportunities

Requirements:

• Matric
• Relevant undergraduate degree/diploma and/or certificate
• Certification or completion of CISSP, CISM, CISA, ISO/ IEC 27001 Lead Implementor and/or CompTIA Security+
• Strong technical background in systems and network security
• Project Management skills (ability to plan, organize, coordinate, and implement)
• Experience in compilation of management reports
• Understanding of, and practical experience of applying the Data Protection Act, the Freedom of Information Act and other related legislation, standards and codes of practice

Please note only shortlisted candidates will be contacted

Manpower