Assistant Director: Information Systems Security at The Department of Sports, Arts and Culture (DSAC)

• The purpose of this job is to implement and maintain an information systems security framework in line with compliance and cybersecurity standards of the department.

REQUIREMENTS :

• Senior Certificate/Matric Certificate /Grade 12 Certificate or equivalent qualification.
• A minimum three-year National Diploma (NQF level 6)/ Degree (NQF level 7) as recognised by SAQA in Information Technology/ Information Systems/ Computer Science/ Information Security or any relevant Information

Technology qualification.

• Certification in Information Systems Security is an  added requirement. 2-3 years relevant experience at least 2 years as a Chief /Network Controller/ Information Technology
• Technician in an Information Technology environment.

Competencies:

• Knowledge of Public Service Regulation.
• Knowledge of ICT security principles, especially around VPN and remote access.
• Knowledge of national and departmental ICT security regulations.
• Knowledge of back-up and recovery Systems and management (VEEAM, NetBackup etc.)
• Knowledge in the design of cybersecurity and information system security solutions and technologies.
• Knowledge of backup systems and storage area networks.
• Knowledge of Firewalls and proxies.
• Presentation Skills.
• Computer literacy.
• Planning and organisational skills.
• Good communication and interpersonal relations.
• Problem solving skills.
• Client Orientation and Customer Focus.

DUTIES :

Implement and maintain Information Security Frameworks of the department:

• Develop, implement, and continuously update the department’s information systems security framework.
• Ensure that the systems infrastructure aligns with security policies, compliance requirements, of the department.
• Oversee the secure configuration process.
• Ensure servers are properly configured and secured.
• Monitor and Secure Network Infrastructure.
• Monitor all network security tools, antivirus systems, firewalls, mail/web filtering, and intrusion detection systems.
• Perform regular reviews of system connectivity, unusual activity or unauthorized access attempts.
• Participate in technical network audit and security audits.
• Ensure secure remote access in the department.
• Conduct Security Assessments and Risk Mitigation.
• Conduct regular vulnerability assessments and security testing to identify and address potential system weaknesses.
• Analyse results and implement risk mitigation strategies based on identified vulnerabilities.
• Support internal and external ICT audits by addressing VPN and related access control findings.
• Manage Access Control and User Authentication.
• Oversee user access management processes.
• Maintain IT access control solutions and systems.
• Check that the security logs are kept and maintained.
• Audit reports generated by the access control system.
• Creation/reset of users and passwords.
• Maintain and enforce multi-factor authentication (MFA) for VPN and sensitive system access.
• Support Business Continuity and Legal Compliance.
• Ensure secure data backup, storage, and replication to support disaster recoveries.
• Monitor compliance with national ICT security laws and policies. Implement audit recommendations.
• Contribute to the development and rollout of security policies and procedures.
• Create awareness training in the department