Cyber Security Operations Manager at Telesure Investment Holdings (TIH)

Specification    
Operations Management

• Oversee an operational area with guidance from senior colleagues. Could involve responsibility for development or delivery (or both). Provide input, participate and collaborate on cyber security related projects, specifically within the technology domain, towards ensuring appropriate operations representation and to allow for more seamless operationalization and handover. Assist in establishing and generating mature cyber security operations metrics and indicators. Report on key cyber security operations metrics and indicators to management, the executive and relevant oversight forums. Implement improvements and continuously mature cyber security operations functions.

Information Security

• Define business impact of security incidents and identify and drive recommendations for change to prevent similar incidents. Take ownership of and drive maturity of information and cyber security operations within TIH, and specifically as it pertains to centralized operation of cyber security technologies and activities directly related thereto. This includes technologies across the following areas, whether on-premise or cloud hosted such as Internet and dark web cyber threat exposure; network security; endpoint security; identity and access management; application security (proactive and reactive technology protections); vulnerability management; data security; cyber security incident detection and response; and manage, maintain and oversee administration of various cyber security technology components and systems and keep in operating order.

Operational Compliance

• Monitor and review performance and behaviors within area of responsibility to identify and resolve non-compliance with the organization's policies and relevant regulatory codes and codes of conduct. Ensure, through appropriate planning, execution, oversight of implementation and management of centralized and dedicated operations, TIH is able to appropriately identify, protect, detect, respond and recover to cyber security threats. Additionally, this role should strengthen TIH’s prediction capability, where possible, as a lead-in to further enhancing and optimizing said lifecycle.

Policies and Procedures Development

• Develop policies, procedures, and related guidelines for an important area of responsibility within a function, ensuring compliance with external requirements and integration with the broader functional policy framework. Collaborate with risk, compliance and forensic functions to ensure that; controls comply with various internal and external requirements, cyber risks are measured, managed and communicated, and digital forensic capabilities are maintained and improved. Take ownership of, manage and optimize operation of dedicated and centralized cyber security technology. This includes establishing relevant structures, operating procedures and other mechanisms to ensure consistent execution, quality outcomes and alignment to TIH security governance and international best practice. Participate and positively contribute to governance forums, committees or groups within TIH.

Stakeholder Engagement

• Identify and manage stakeholders up to management level, finding out their needs/issues/concerns and reacting to these by leading and coordinating the development of stakeholder engagement plans to support the communication of business information and decisions. Build and maintain relationships with teams and areas within TIH towards ensuring collaboration and overall successful functioning of cyber security operations across the organization.

Horizon Scanning

• Identify new external developments and / or emerging issues within an area of technology or business function and evaluate their potential impact on, or usefulness to, the organization. Have a clear and sound understanding of the information security operations
• landscape, both current and as it continues to evolve. Collaborate with the Information Security Architecture function around strategic cyber security technology selection and investment, or technologies with an impact on cyber security.

Analysis of "As Is" and "To Be"

• Document complex "as is" and "to be" processes and describe the changes required to migrate to the "to be" capability to record accurately the change required. Maintain visibility of emerging information and cyber security threats and trends and adjust operations activities to best defend against such threats. Participate in and provide leadership and direction during cyber security incident response activities, as well as provide post-incident reporting and root cause analysis.

Business Requirements Identification

• Collect business requirements using a variety of methods such as interviews, document analysis, workshops, and workflow analysis to express the requirements in terms of target user roles and goals.

Insights and Reporting

• Prepare and coordinate the completion of various data and analytics reports. Identifying and interpreting complex patterns and trends, and translating those insights into actionable recommendations. Design and perform appropriate metrics that will enable monitoring, diagnosing, and correcting performance issues.

Leadership and Direction

• Communicate the actions needed to implement the function's strategy and business plan within the team; explain the relationship to the broader organization's mission, vision and values; motivate people to commit to these and to doing extraordinary things to achieve local business goals. Provide leadership and effectively run the centralized and dedicated cyber security operational team(s).
• Provide direction and leadership, contract and engage, maintain oversight of, and manage relationships and output of service providers, providing cyber security operations functions. Provide cyber security operations leadership and direction, including in the context of cyber security related forums and groups within TIH.

Performance Management

• Develop and propose own performance objectives; take appropriate actions to ensure achievement of agreed objectives, using the organization's performance management systems to improve personal performance. OR Manage and report on team performance; set appropriate performance objectives for direct reports or project / account team members and hold them accountable for achieving these, taking appropriate corrective action where necessary to ensure the achievement of team / personal objectives.

Building Capability

• Implement the formal development framework for a team, with guidance from senior colleagues. Provide informal coaching to others throughout the organization in area of expertise. Grow, upskill, manage and mentor the operations team members to ensure skills and capabilities continue to mature with an evolving threat landscape.

Requirements    

• General Education
• Grade 12/ SAQA Accredited Equivalent (Essential);
• Relevant industry certifications, such as CISSP, CISM, CEH, ISO27032 etc. (Essential);
• Degree or diploma in an information technology or related domain (Advantageous)

General Experience

• Minimum of 5 years' experience in information / cyber security with specific experience in cyber security operations (Essential); Experience working in Financial Services Industry (Advantageous)

Managerial Experience

• 2 or more years' experience of supervising and directing people and other resources to achieve specific end results within limited timeframes (Essential)

*SAQA Accredited Equivalent* - It is the onus of the applicant to provide TIH and its subsidiaries with certified evidence that their qualification(s) meet the equivalent NQF level required for this role at time of application.

Financial Sector Conduct Authority (FSCA)** competency requirements: FAIS recognized qualifications / Regulatory Examinations / Class of Business Certification and / or CPD according to your DOFA (where applicable) - As a registered Financial Service Provider, we are mandated to ensure that all our representatives are always and remain fit and proper at all times. By applying for this role, you consent to having your relevant qualification and or accreditation or confirm that you are working towards meeting the competency requirements. You further consent to the relevant information being verified.

Employment Equity

The Company's approved Employment Equity Plan and Targets will be considered as part of the recruitment process. As an Equal Opportunities employer, we actively encourage and welcome people with various disabilities to apply. TIH is committed to an organizational culture that recognizes, appreciates and values diversity & inclusion.

Should you not hear from our team in 30 days, kindly consider your application unsuccessful.

Unlock your greatness & be unstoppable