Job Description

Advert Reference:P12516 IT Security Manager - CenturionJob Title: IT Security Manager - CenturionClosing Date: 2024/04/25Position Available From: 2024-04-18Area: CenturionActual Place Of Work: CenturionPosition Type: Full-TimeWeekly Hours: 40Time Conditions: 5 day Work Week (South Africa)Purpose of Position: The IT Security Manager performs two core functions for the enterprise. The first is
overseeing the operations of the enterprisexe2x80x99s security solutions through management of the organizationxe2x80x99s security analysts. The second is establishing an enterprise security stance through strategy, policy, architecture and training processes. Secondary tasks will include the selection of appropriate security solutions, and oversight of any vulnerability audits and assessments. The IT Security Manager is expected to interface with peers in the Systems and Network departments as well as with the leaders of the business units to both share the corporate security vision with those individuals and to solicit their involvement in achieving higher levels of enterprise security through information sharing and co-operation.Requirements: Bachelor Degree in Information Technology, Computer Science, Management Information Systems or an advanced Technology-related Degree (Required), Industry recognized certification in IT Governance (Required), Industry recognized certification in IT Security (Required)Required Experience: 8 xe2x80x93 10 years related experience, A good understanding of IT networking and access management concepts, Broad knowledge of a wide range of Information Technology systems and a deep understanding of the inherent security risks associated with these technologies, Experience in designing and delivering employee security awareness training, Experience in developing Business Continuity Plans and Disaster Recovery Plans, Experience in enterprise security architecture design, Experience in enterprise security document creation, Understanding of information security principles and best practice (e.g., ISO27001, ISF Standards of Good Practice for Information Security, CIS controls), Working technical knowledge of identity management solutions, Working technical knowledge of next generation firewallsKey Responsibilities: Collect, analyze, and prepare reports required for senior management, regulators, and other relevant stakeholders., Collect, analyze, and prepare reports required for senior management, regulators, and other relevant stakeholders., Create, and maintain the enterprisexe2x80x99s security awareness training program., Create and maintain the enterprisexe2x80x99s Business Continuity Plan and Disaster Recovery Plan, where appropriate., Create and maintain the enterprisexe2x80x99s security architecture design., Create and maintain the enterprisexe2x80x99s security documents (policies, standards, baselines, guidelines and procedures)., Develop a culture of in-depth understanding as to why security testing is required at both business and internal team level., Develop materials and tools to effectively communicate compliance and corporate requirements., Develop policy, plans, and strategy in compliance with laws, regulations, policies, and standards in support of organizational cyber activities., Document, investigate, and report cybersecurity compliance issues and incidents, where necessary., Engage in ongoing communications with peers in the Systems and Networking groups as well as the various business groups to ensure enterprise wide understanding of security goals, to solicit feedback and to foster cooperation., Ensure the confidentiality, integrity and availability of the data residing on or transmitted to / from / through enterprise workstations, servers and other systems and in databases and other data repositories., Ensure the enforcement of enterprise security documents., Ensure the enhancement of delivery and management of key technology security platforms including SIEM and DLP, Lead the escalation and resolution of risk and compliance issues with appropriate stakeholders including business, security, legal, IT, and customers., Liaise with relevant parties to commission activities relating to contingency planning, business continuity management, and IT disaster recovery., Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors., Oversee the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprisexe2x80x99s security documents
specifically., Perform regular security awareness training for all employees to ensure consistently high levels of compliance with enterprise security documents., Responsible for the coordination of regular Information Security Reviews in the enterprise and with partner organizations by conducting assessments of systems, processes and infrastructure and making recommendations to minimize risks identified., Select and acquire additional security solutions or enhancements to existing security solutions to improve overall enterprise security as per the enterprisexe2x80x99s existing procurement processes., Supervise all investigations into problematic activity and provide on-going communication with senior management., Supervise the design and execution of vulnerability assessments, penetration tests and security audits., To carry out technical vulnerability assessments of IT systems and processes, identifying potential vulnerabilities, to make recommendations to control any risks identified and to ensure they are implemented., To respond rapidly and effectively to IT security incidents, managing them in a professional manor including computer forensics for evidence gathering and preservation. Ensure root cause analysis is undertaken and input suggested approaches to deal with lessons identified. {+ 1 more}Applicants must have a South African ID or a valid South African work permit. We do not accept any faxed or emailed CVs. If we have not contacted you within 14 days, please consider your application unsuccessful.

Ampath