Our client, a leading provider of ICT services, is looking for a Security Manager to join their team.PurposeThe Information Security Manager serves as the process owner of all assurance activities related to the availability, integrity, and confidentiality of customer, business partner, employee, and business information in compliance with the organization's information security policies. A key element of this role is working with executive management to determine acceptable levels of risk for the organization. This position is responsible for establishing and maintaining a corporate-wide information security management program to ensure that information assets are adequately protected. The Information Security Manager will work closely with the Head of IT and must have a strong working knowledge of information technology.Key ResponsibilitiesDaily operations of the IT security program as well as establishing and maintaining the right levels of cybersecurity baseline and audit controls.Is responsible for initial and periodic information security risk assessment/analysis, mitigation, and remediation.Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program.Work directly with the business units to facilitate risk assessment and risk management processes.Develop and enhance an information security management framework and ensure the consistent application of policies and standards across all technology projects, systems, and services.Setup a companywide cybersecurity dashboard to monitor and track all baseline controls, coordinate weekly and monthly review sessions, and ensure delivery.Provide cybersecurity leadership across the organization.Partner with business stakeholders across the company to raise awareness of risk management concerns.Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems.Setup and maintain appropriate capabilities to continuously monitor all systems for potential attacks and be able to immediately analyse any cybersecurity incidents and respond to block any infiltration and protect information and data.Evaluates security trends, evolving threats, risks, and vulnerabilities and apply tools to mitigate risk as necessary.Work closely with all resilience and DRP functions/coordinators to ensure the resilience of all BCP functions against cybersecurity incidents.Collaborates with organization senior management, Privacy Officer, and Corporate Compliance Officer to establish governance for the security program.Making sure the company is compliant with local, national, and global regulations, especially in areas like privacy, health, and safety.Initiates facilitate and promote activities to foster information security awareness within the organization.Creates a culture of cybersecurity both with the IT organization and driving behavioural changes for the business. Serves in a leadership role for security compliance.Collaborate with leadership and business stakeholders to develop an annual operational plan in line with the strategy.Develop, collaborate and facilitate policy development and implementation.Conduct due diligence of internal and external parties.Implement and maintain Service Level agreements with external parties to ensure that quality of service is maintained.Manage third party supplier and supplier risk.Provide governance and regulatory advisory services to business units.Collaborate with team to identify risks for emerging technologies and ensure alignment to relevant legislation or the changes.Monitor and analyse technology risk trends and advise, plan and execute mitigation or remedial actions.Perform performance management, through KPI's and performance appraisals.Mentor and coaching of staff.QualificationsDegree in Information Technology related field required.Professional security management certification.ExperienceMinimum of 6 years of experience in IT-related jobs.Minimum of 4 years of experience in a combination of risk management and information security management jobs.Experience with contract and vendor negotiations and management including managed services.Specific experience in Agile (scaled) software development or other best in Class development practices.Experience with Cloud computing/Elastic computing across virtualized environments.KnowledgeKnowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST.Excellent written and verbal communication skills and a high level of personal integrity.Should you not receive a response from us within one week of your application, your application has unfortunately not been successful.You can visit our website for more vacancies: www.wePlace.co.za / LinkedIn www.linkedin.com/company/wePlace
#J-18808-Ljbffr
