Job Description

Closing Date 2025/12/18
Reference Number MMH251205-8
Job Title Talent Pool: Cyber Security Operations Manager
Position Type Permanent
Cluster Momentum Health
Remote Opportunity None of the time
Location - Country South Africa
Location - Province Gauteng
Location - Town / City Sandton
Introduction
Through our client-facing brands Momentum Group, with Multiply (wellness and rewards programme), and our other specialist brands, including Guardrisk and Eris Property Group, the group enables business and people from all walks of life to achieve their financial goals and life aspirations. We help people grow their savings, protect what matters to them and invest for the future. We help companies and organisations care for and reward their employees and members.
Role Purpose
The organization is looking for a highly motivated individual who is able to work at in a mid-level leadership level to ensure that Cyber Security management controls within the IT BU operations capability are well managed and operate within the risk appetite of the Health business and that of the Momentum Metropolitan Group.
The role will be positioned within the Information Security Management team who report to the Head of IT Governance and Risk. The team's purpose is to ensure that IT operations for the business unit are stable, operate as expected and are secure.
Requirements

• Relevant Tertiary qualification, Relevant certification or National Diploma
• A minimum of 7 years' technical IT operations experience, 3 years of which should be at team leader or specialist level.
• Must have managed or participated (at least a team leader) on an initiative to implement an international standard for operational management controls.
• Experience in health industry experience in administration of medical aids - desirable
• Experience in client service industry with provision of IT services to call centers- desirable
• Experience in outsource or supplier of IT service systems of record, infrastructure or development services - desirable
• Knowledge and experience implementing and monitoring information security operational controls against best practice standards.
• Experience with report writing and presentation.
• Excellent computer literacy and experience in the application of software tools including (MS Word, PowerPoint, Excel, Internet and Outlook)

Duties & Responsibilities

• Monitor, track, and direct reporting on the execution of Cyber Security management controls.
• Ensure that the technical team understand ownership responsibilities and activities required to treat risk and implement management controls.
• Support control owners at a technical level during the design and implementation of new controls.
• Consult with the Information Security Risk Officer as well as technical specialists on the appropriate treatment of Information and Cyber risk.
• Participate in the review and establishment of Information Security management controls.
• Responsible for the maintenance of a Risk and Controls Register for Information Security work.
• Represent the single point of accountability and contact for operational security controls.
• Ensure that evidence is retained, centrally stored and available for audit purposes.
• Engage at a management level on matters of IS Risk as required by the management team.
• Participate in Information Security due diligence work associated with the adoption of SaaS, IaaS or during acquisition of new business partners or 3 party suppliers.
• Be responsible for ensuring the Cyber Security controls as prescribed by MMH (SANS CIS CSC) are applied and managed within the Health Business.
• Be responsible for ensuring the Technology and Information related controls as guided by ISO27002 :2022 are applied and managed within the Health Business.
• Support the Health Cyber Response team during cyber incidents.
• Work with the Group Information Security team to ensure that Health participates and executes on group driven information security initiatives and projects.
• Support the incident response team with facilitation and writing of Root Cause reports.
• Contribute to and execute the Cyber Security Operations Strategy
• Manage IAM Capability & Team

Competencies

• Information Security
• Risk Management
• Stakeholder Management
• Analytical And Problem Solving
• Communication (written and verbal)
• Computer Literacy

Policy
We are committed to Employment Equity, diversity and inclusion when recruiting internally and externally. All appointments are made in alignment to our Employment Equity goals and we encourage people with disabilities to apply.

Skills Required