REFERENCE NUMBER: | 9993185 |
JOB GRADE: | E4 |
LOCATION: | Head Office, Pretoria (On-site) |
ABOUT THE JOB:
An Executive Manager of Cyber security Department oversees the strategic direction, management, and implementation of the organisation’s cybersecurity strategy. This role involves high – level leadership, coordination across various departments, and ensuring alignment with organisational goals.
QUALIFICATIONS AND EXPERIENCE:
- Grade 12
- Bachelor’s Degree in Cybersecurity, Computer Science or Information Technology or related fields.
- CISSP – Certified Information Systems Professional
- CISM – Certified Information Security Manager
- CCISO – Certified Chief Information Officer
- CCSP – Certified Cloud security Professional
- CISA – Certified Information Systems Auditor
- CRISC – Certified Risk and Information system Control
- ISO/IEC 27001 Lead Implementer or Auditor
- At least 15 or more years working experience
- At least seven years’ experience operating at a senior managerial level within a security sensitive, digitally advanced environment
- A proven record of Technical Proficiency in Cybersecurity including Research and Development, Proof-of-Concept Development, Cybersecurity Campaign projects, etc.
- Demonstrated ability to lead strategically and implementation of Strategy within the broader ICT environment.
CRITICAL PERFORMANCE AREA
The incumbent will be responsible to perform the following functions but not limited to;
- Contribute and support the Group Executive (GE): Research and Development (R&D) towards executive decision making in achievement of the broader corporate objectives and provide leadership and direction to the Armscor cyber security department.
- Develop secure business and communication practices, identify security objectives and metrics, choosing and purchasing security products from vendors, ensuring that the company is in regulatory compliance with the rules for relevant bodies, and enforcing adherence to security practices.
- Baseline cyber security maturity level and improve it annually until a desired cyber security maturity level is achieved using capability maturity model integration (CMMI) model.
- Implement secure technologies.
- Integrate technologies at the SOC.
- Working in tandem with the ICT department to ensure that Armscor network architecture is resilient and sufficiently secured against potential cyber-attacks.
- Collaborate closely with the ICT department to ensure an effective and secure Armscor network architecture that is based on the organization’s threat profile and based on best practices.
- Contribute to the creation of the SOC strategy.
- Implement the SOC strategy and the deployment all identified SOC technologies.
- Lead and give direction to all the teams from collection, detection, triage, investigations, incident response and auxiliary functions through utilisation of strong knowledge and insight in the SOC domain.
- Lead DevSecOps adoption by integrating security into development workflows, automating security testing, and fostering collaboration between development, security, and operations teams to mitigate risks.
- Ensure that security policies, practices, and testing are integrated throughout the development lifecycle to mitigate abuse cases in the deliberate/intentional injection of exploitable vulnerability(s) or secrets in the code ending up in DDOS or unauthorised access to data.
- Ensure and maintain a clean audit position of the SOC functionally and operationally.
- Establish and ensure the highest cyber security levels posture compliance with national institute of standards and technology (NIST), federal financial institutions examination council (FFIEC) and international organisation for standardisation / international electro-technical commission (ISO/IEC) 27001:2013 standards, other relevant standards and any applicable standards.
- Collect the most important and critical logs and network data.
- Create playbooks and using case organisation and storage.
- Develop a threat register and risk profiles.
- Use threat intelligence to focus budgets and detection efforts.
KNOWLEDGE & FUNCTIONAL SKILLS:
- Strategic Leadership: Ability to develop and implement comprehensive cybersecurity strategies that align with the organizational goals and objectives.
- Risk Management: expertise in identifying, assessing, and mitigating cybersecurity risks at an organisational level.
- Compliance and governance: deep understanding of regulatory requirements (e.g. GDPR, HIPAA, NIST) and experience in overseeing compliance efforts.
- Budget Management: skills in Managing Cybersecurity budget, including resource allocation and financial planning.
- Crisis Management: ability to lead and manage responses to major security incidents and cases.
- Stakeholder Engagement: skills in interacting with senior executives, board members, and external stakeholder to communicate cybersecurity strategies and needs.
To apply, send your Curriculum Vitae to Vacancies@armscor.co.za
NB: All applicants must indicate reference number of the position they are applying for in the subject heading.
Short-listed candidates will be subjected to reference checking, verification of personal data and security clearance as part of the selection process. In line with Armscor’s commitment to compliance with the Employment Equity Act, preference will be given to suitable candidates from designated groups. People with disabilities are encouraged to apply.
The closing date for applications is 26 November 2024. Late applications will not be considered.Enquiries: Ms Thato Khahleli (012 428 2469)