Job Description

Essential Duties & Responsibilities:

• Promote and manage IT security and privacy awareness training and education for administrators, teachers, and staff, as well as create proper security incident notification protocols.

• Promotes the company's culture, purpose, vision, and basic values.

• Must be able to transform the business's IT-risk-based needs and restrictions into technical control requirements and specifications, as well as generate metrics for continuous performance and management.

• Coordinates technical operations within the IT organization to develop and manage the IT security infrastructure, as well as providing management with frequent status and service-level reports.

Strategic & Operational Support:

• Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program to ensure that information assets are adequately protected.

• Work directly with the business units to facilitate risk assessment and risk management processes.

• Work closely with the Head of IT and regional IT Team to ensure that IT security measures are built into all internal, interfaced and 3rd party systems housing confidential/private data.

• Develop and enhance an information security management framework

• Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems, and services

• Provide leadership to the enterprise's information security organisation

• Partner with business stakeholders across the company to raise awareness of risk management concerns

• Assist with the overall business technology planning, providing current knowledge and future vision of technology and systems.

• Provide a coordinated response to sophisticated cyber-attacks; detect threats and establish appropriate defensive mechanisms, review system modifications for security implications, and recommend upgrades.

• Conduct vulnerability assessments to detect current or possible breaches of electronic data and information systems, as well as their origins; coordinate IT investigations with relevant audit, regulatory, and law enforcement organisations.

• Proactively monitor systems reports for access control violations/intrusion detection, cybersecurity concerns, and malware threats.

• Maintain an information security knowledgebase, including security advisories and warnings for both IT and the broader employee population.

• Ensure that audit trails, system logs, and other monitoring data sources are checked on a regular basis and adhere to policies.

Security Liaison:

• Assist employees and IT departments in recognizing and addressing security issues and security audit concerns.

• Work with department leaders from IT, HR, Marketing, Compliance, and Finance to educate them on security risks and controls, as well as discover new risks and suitable controls.

• Collaborate with the Head of IT and the IT team to create, report, and monitor a security performance dashboard for the IT Management Committee and IT regions.

People Management:

• Managing the day-to-day activities of the Security team.

• Motivating the team to achieve organizational goals.

• Delegating tasks to team members.

• Conducting training of team members to maximize their potential.

• Empowering team members with skills to improve their confidence, product knowledge, and communication skills.

• Conducting quarterly and annual performance reviews.

Requirements

• University degree in the field of computer science and information security

• Honours Degree Would be an advantage

• 3+ yearsxe2x80x99 security-related or ISM work experience,

• Knowledge of common information security management frameworks, such as ISM/IEC 27001 and NIST.

• Knowledge and experience of Information Security Risk and Security Governance

• CISSP, CISM or related certification is a definite plus.

SISOL Recruitment