Deputy Director (ICT Security) at Gauteng Department of Health

Requirements :

• Matric certificate and a three-year National Diploma in Computer Engineering, Information Technology or equivalent qualification at NQF Level 6 (360 Credits) as recognized by SAQA.
• A minimum of seven (7) years’ ICT Infrastructure Support Management environment, with five (4) years’ experience in ICT Security Operations specifically Firewall and Identity Management. Valid Firewall or Cybersecurity Technical certificate is mandatory. Valid MCSA: Windows 2012 or 2016 certificate, Valid CISM certificate or equivalent will be an added advantage.
• A valid driver’s license.
• Skills and Competencies: Experience with Windows Server 2012 & 2016 environment. Experience with Microsoft Exchange 2013 and 2016 environment. Experience with DNS, DHCP, SQL, and WSUS. Experience with antivirus and malware protection solutions.
• Experience with firewall management specifically Fortinet firewalls. Experience in network and systems administration. A strong focus on service delivery with a desire to innovate, improve process, support others and share ideas. Excellent interpersonal relations. Effective communications skills (written and verbal). Attention to details imperative. Excellent Problem-Solving skills. Ability to multi-task is essential. Time management and ability to work under pressure. Ability to adapt to change. Added advantage: Valid CISM, CISSP certificate.

Duties :

• Establish and maintain security governance framework, policies, procedures and standards. Monitor and report on compliance with ICT governance policies and standards.
• Implement annual ICT strategic, business/operational plans and reviews. Conduct risk assessments and implement risk management strategies for ICT systems and processes. Identify, assess and prioritise security risks and vulnerabilities and implement measures to mitigate them. Develop and implement security awareness.
• Enforce compliance with the relevant laws, regulations and best practices in relation to information security. Conduct ICT business impact and security risk analysis.
• Develop mitigation action plan on security breaches and handle security incidents. Implement security controls, review and audit all security controls and procedures.
• Evaluate all changes for their potential impact on network and security aspects, including the information security policy and security controls. Conduct security and network vulnerability and Disaster Recovery Plan (DRP) tests. Maintain confidentiality, integrity and availability of the services in line with the Service Level Agreement (SLA). 
• Verify all access to services by external partners and suppliers in line contractual agreements and responsibilities. Implement ICT equipment and software disposal procedures. Implement encryption and backup for users. Review and implement user account management. Manage Security Operations Centre (SOC).
• Test Disaster Recovery Plan (DRP) and ICT Continuity Site. Safeguard and ensure that all computer updates are deployed according to the procedure. Monitor ICT assets movements.
• Safeguard ICT equipment. Dispose ICT asset. Monitor physical server control. General supervision of employees. Allocate duties and do quality control of the work delivered by supervisees.
• Advice and lead supervisees with regard to all aspects of the work. Manage performance, conduct and discipline of supervisees. Capacitate subordinates through training and development. Develop, implement and monitor work systems and processes to ensure efficient and effective functioning

Closing Date : 18-03-2026