IT Security Manager Johannesburg - Johannesburg

DGL HR

Please do not contact any of the recruiters directly. Should your CV be successful, we will be in contact. If you have not received feedback in 2 weeks, please consider your application unsuccessful.

IT Security and GRC Manager
Location: Johannesburg, Gauteng
Salary: /- 1.25 Mil Pa, depending on experience

The core purpose of the role is to establish and maintain a framework that provides assurance that information security and strategies are aligned with and support business objectives, are consistent with applicable laws and regulations through the adherence to policies and internal controls and provide assignment of responsibilities, all in an effort to manage risk. The role also includes ensuring compliance with all the relevant privacy regulations, coordination of IT audits and playing a key supporting role when it comes to disaster recovery planning and testing.

Academic requirements

Essential:
• 3-year Degree in Computer Science or Informatics
• CISSP, CISM
• ITIL Certification

Advantageous:
• Knowledge of ISO 27001/27002, NIST Cybersecurity Framework, POPIA.

• Prefer candidate with critical technical and leadership-oriented IT security certifications, such as CISA, CRISC, CISSP, CISM, or equivalent.
• Established experience in planning, organizing, and developing IT security teams and strategy.
• Substantial exposure to data processing, hardware platforms, enterprise software applications and outsourced systems, with preference in Microsoft Technologies.
• Expertise in leveraging cloud-based solutions necessary to enable the distributed enterprise.
• Ability to instil confidence in the business and demonstrate the business value of IT.
• Effective influencing and negotiation skills in an environment where resources may not be in direct control of this role.
• Excellent analytical, strategic conceptual thinking, strategic planning and execution skills.
• Strong business acumen, including industry, domain-specific knowledge of the enterprise and its business units.
• Success in leveraging both traditional best practices, such as IT Service Management practices based on ITIL, as well as emerging methods like DEV/SEC/OPS that are optimized for agility.
• Demonstrated ability to develop and execute a strategic people plan that ensures that the right people are in the right roles at the right time and that employees are highly engaged and satisfied.
• Strong vendor management and partner relationship skills.

Work experience

Essential:
• 3 - 5 years proven track record in IT Security and GRC
• 3 - 5 years of experience in governing a Microsoft environment.
• 1 - 2 years in a senior leadership role, managing and growing a team within the IT Security and GRC.
• Experience in contract and vendor SLA management.

Advantageous:
• Experience in ITSM Governance Frameworks
• Experience in supplier contract negotiations.
• Experience in the logistic business
• Experience with formulating IT and Security Strategies.

Knowledge

Essential:
• Sound understanding of ITIL governance framework
• Sound understanding of ISO security standards
• Practical experience in the field of IT Security and GRC
• Sound knowledge of relevant legislation and Security/Governance standards.
• Specialist understanding of:
  - Cloud Security
  - Email and Internet Security
  - Threat and Vulnerability Management
  - Endpoint Security
  - Data Loss Prevention
  - Firewall Management
  - SIEM and SOC Management
  - Identity and Access Management

Advantageous:
• Knowledge of common IT Infrastructure management frameworks and relevant industry certifications.

Skills

• Good communication skills to persuade and influence others effectively at all levels (externally and internally).
• The ability to translate business requirements into technical solutions to provide direction and support to technical staff.
• Highly developed interpersonal skills to manage service provider network effectively, handle conflict, including sensitivity to diversity.
• Advanced critical and analytical thinking and problem-solving skills to perform in-depth analysis of the IT environment.
• Above-average numeric reasoning skills to draw logical conclusions from numerical information.
• Ability to multi-task.
• Ability to perform duties independently and under pressure.
• Adequate project management skills.
• Excellent verbal and written communication skills, including the ability to explain technical concepts and technologies to business leaders, and business concepts to the security workforce.

Advantageous:
• Remaining resilient under stress and pressure
• Preference for thinking practically and laterally
• Strong inclination for change agility
• Preference for team working
• Preference for planning and organizing
• Concern for aligning with best practice
• A passion for translating strategy into action
• Openness to accepting feedback

Personal Attributes

Essential:
• Clear communicator
• Growing and nurturing relationships
• Passion for optimizing business performance
• Strong customer centricity
• Passion for leading others and instilling our culture
• Analyzing and solving problems
• High sense of urgency
• Proactive

Key deliverables and outputs

1. Governance and Risk
• Maintain all IT policies and related processes for annual reviews, stakeholder vetting and relevant Committee approvals. This includes maintaining a process to review, approve, and monitor all exceptions to the organization and Group policies.
• Owns and runs all aspects related to security awareness programs.
• Responsible for 3rd party security risk management and oversight.
• Responsible for contract reviews with potential technology providers to ensure negotiated agreements include critical Information Assurance terms and conditions.
• Provides ongoing metrics and reporting for governance, risk and security within the organization.
• Works with the senior leadership team on the service portfolio and governance requirements.
• Serves on IT planning and policymaking committees; drives the development of enterprise security technology standards, governance processes and performance metrics to ensure the services consistently deliver value to the enterprise.
• Coordinates annual independent assessments of external and internal information security capabilities and audits.

2. Security Governance
• Drive the implementation of an application that will map out, report on, enforce, and alert around security and controls violations.
• Drive the implementation of an Identity and Access Management solution, including SoD analysis and automation.
• Own and direct the organization's approach to IT security.
  - Coordinate the security governance of the organization.
• Coordinate Security User Awareness programmes within the organization.
• Manage and own the process of vulnerability assessments and penetration testing.
  - Ensures that the findings from any security assessment are rectified.
• Keeps abreast of any new vulnerabilities and security threats in order to ensure that the organization's assets are protected at all times.

3. Leadership
• Coach and lead employees with respect to the delivery of the organization's GRC objectives.
• Continuously assess and align core and extended team member skills with strategic Security and Technology direction.
• Develop and maintain critical 3rd party partnerships to increase capacity and skill to meet demand.
• Gathers reports and analysis on service consumption and value delivered to the organization's customers to ensure SLAs are met.
• Partner with Security Governance team to supervise and carry out compliance with the organization's security policies and standards among employees, contractors and third parties responsible for Security Delivery.
• Participate in the Information Security Leadership Team, to ensure reliable service delivery and efficient use of all resources.

4. Additional duties and responsibilities
• Draft and own all required and relevant IT policies, procedures and frameworks.
• Present all IT policies for Executive sign-off.
• Perform other duties or functions as requested by management.

Internal customers
• All internal business stakeholders (e.g. Senior Managers and EXCO) and Nebula Group staff

External stakeholders
• External business stakeholders
• IT service providers
