Closing Date
2022/07/29
Reference Number
SAA220706-2
Job Title
Specialist: Cyber Security
Division
Information Technology
Business Unit
IT and Cyber Security
Job Type
Permanent
Location - Country
South Africa
Location - Province
Gauteng
Location - Town / City
Kempton Park
Job Purpose
The Specialist: Cyber Security is responsible for establishing and enforcing information security to protect the computer infrastructure, networks and data against cyber-attacks and internal threats. The position will achieve this by co-ordinating security services from service providers and act as the primary integration layer into the company; the key functional themes are Cyber Security Services, Service Providers, SLA Management.
The primary functions of this position include validating the effectiveness of existing security measures and developing an overall strategy to ensure the long-term information security efficiency and regulatory compliance. Maintain high performing service support functions as per the Service Level Agreement. The job duties include establishing IT security policies and procedures, managing vulnerabilities, managing the security operations centre service, effective incident management, regulating access to information and training staff on proper use of information systems. Monitoring infrastructure, devices and systems for security gaps, design effective solutions and provide reports to management and executive staff.
Principal Accountabilities
Contribute to the design of the IT Divisional Strategy and ensure strategies are implemented and integrated within areas of responsibility
Design/ Contribute to the IT Department Strategy taking into account specialist expertise, best practice, benchmarking and market standards etc.
Determines policies, processes, action plans and systems to support implementation of the strategy
Identify and drive initiatives to support profitability and cost containment in department and division
Manage and control budget in area of responsibility
Manage the built-in security systems to software, hardware and components
Develop strategies for software systems, networks, data centers and hardware
Understand the QA software and hardware for security vulnerabilities and risks
Identify initiatives in alignment with business requirements and strategic objectives
Analyse cost drivers and embark on cost containment initiatives in order to maximise the benefits realisation of organisational design and reporting
Manage services providers according to their service level agreement to ensure budget compliance and reduce risks for the Airline Operational
Utilises and optimises resources in area of responsibility
Optimise technology to enhance internal and external customer expectations
Ensure all processes implemented to deliver customer value
Drive customer centricity within areas of control
Establish and manage effective internal and external stakeholder relationships through appropriate relationship building and networking
Enforce Governance and Risk Management policies, processes and systems
Deliver on regular and timeous reporting of information to key stakeholders
Drive continuous optimisation programmes and initiatives
Engage in trend analysis, benchmarking, research, best practice to support optimisation of department/ division
Manages programmes and projects to contribute to the optimisation of the department/ division
Develops and implements information security standards, guidelines, and procedures
Safeguards information system assets by identifying and solving potential and actual security problems
Protects system by defining access privileges, control structures, and resources
Recognises problems by identifying abnormalities; reporting violations
Implements security improvements by assessing current situation; evaluating trends; anticipating requirements
Determines security violations and inefficiencies by conducting periodic audits
Upgrades system by implementing and maintaining security controls
Keeps users informed by preparing performance reports; communicating system status
Maintains quality service by following organisation standards
Maintains technical knowledge by attending educational workshops; reviewing publications
Contributes to team effort by accomplishing related results as needed
Configure anti-virus systems and consoles People
Actively supports and adheres to people processes and plans to deliver on divisional objectives
Provides direction, mentoring and coaching to team members to maximise productivity and development
Drives and implements change initiatives with the vision and strategic direction of the airline Lives and role models the airline’s Values
Qualifications & Experience
Bachelor’s degree in IT Security at NQF level 7 is essential
Relevant postgraduate qualification will be an advantage
One or more these industry IT Security and or Cybersecurity Certifications: CISM, CISA, CISSP-ISSEP, CISSP-ISSAP, ISO2-001 Lead Implementer
ITIL certification will be an advantage
6 – 8 years’ experience in IT Security Service Management
Experience developing departmental policies, procedures, standards and guidelines
Cyber operations management experience and responsibility leading cyber programmes
Knowledge and Skills
Experience with security programme that assesses current security posture and recommends effective policies and strategies for long-term protection of the IT assets
Experience in dealing with cyber-security incidents, vulnerabilities management and overall security strategies
In-depth understanding of experience in overseeing cyber-security threats, penetration tests and other vulnerabilities including managing the mitigation responses
Enforcement with all service providers to ensure all infrastructure, network components, applications and devices are properly configured and protected from cyber threats
Experience with information security standards and regulations
Latest security and technology developments
In-depth knowledge of architecture, engineering and operations of enterprise SIEM platforms and SOCs
Demonstrated experience in Internet and network security products and platforms, including intrusion detection, intrusion prevention, incident response, vulnerability assessments and penetration testing
Excellent knowledge of information security alerts, threat trends, intrusion analysis, malware, anomalous behaviour, forensic research and incident response protocols
Knowledge of basic system administration and operating system hardening techniques
System administration
Network security
Problem solving skills
Information security policies
On-call network troubleshooting
Firewall administration
Network protocols
Routers, hubs, and switches
Informing others
Process improvement
Resource utilisation
Strong service management leadership skills and ability to work effectively with all IT functions and service providers
Strong analytical, project management and team-oriented interpersonal skills Proven ability to work under pressure in emergencies and communicate security-related concepts to technical and non-technical staff
Attributes
Leads crucial conversations
Coaches and mentors
Leads projects
Facilitates transformation and change
Drives innovation
Implements and aligns to vision
Delivers value
Leverages team diversity
Role models behaviours and values
0 Comments