Executive Manager: Cybersecurity REF No: 9993185 at Armscor

QUALIFICATIONS AND EXPERIENCE:

• Grade 12
• Bachelor’s Degree in Cybersecurity, Computer Science or Information Technology or related fields.
• CISSP – Certified Information Systems Professional 
• CISM – Certified Information Security Manager 
• CCISO – Certified Chief Information Officer 
• CCSP – Certified Cloud security Professional 
• CISA – Certified Information Systems Auditor 
• CRISC – Certified Risk and Information system Control 
• ISO/IEC 27001 Lead Implementer or Auditor 
• At least 15 or more years working experience 
• At least seven years’ experience operating at a senior managerial level within a security sensitive, digitally advanced environment 
• A proven record of Technical Proficiency in Cybersecurity including Research and Development, Proof-of-Concept Development, Cybersecurity Campaign projects, etc. 
• Demonstrated ability to lead strategically and implementation of Strategy within the broader ICT environment. 

 CRITICAL PERFORMANCE AREA

The incumbent will be responsible to perform the following functions but not limited to;

• Contribute and support the Group Executive (GE): Research and Development (R&D) towards executive decision making in achievement of the broader corporate objectives and provide leadership and direction to the Armscor cyber security department. 
• Develop secure business and communication practices, identify security objectives and metrics, choosing and purchasing security products from vendors, ensuring that the company is in regulatory compliance with the rules for relevant bodies, and enforcing adherence to security practices. 
• Baseline cyber security maturity level and improve it annually until a desired cyber security maturity level is achieved using capability maturity model integration (CMMI) model. 
• Implement secure technologies. 
• Integrate technologies at the SOC. 
• Working in tandem with the ICT department to ensure that Armscor network architecture is resilient and sufficiently secured against potential cyber-attacks. 
• Collaborate closely with the ICT department to ensure an effective and secure Armscor network architecture that is based on the organization’s threat profile and based on best practices. 
• Contribute to the creation of the SOC strategy. 
• Implement the SOC strategy and the deployment all identified SOC technologies. 
• Lead and give direction to all the teams from collection, detection, triage, investigations, incident response and auxiliary functions through utilisation of strong knowledge and insight in the SOC domain. 
• Lead DevSecOps adoption by integrating security into development workflows, automating security testing, and fostering collaboration between development, security, and operations teams to mitigate risks. 
• Ensure that security policies, practices, and testing are integrated throughout the development lifecycle to mitigate abuse cases in the deliberate/intentional injection of exploitable vulnerability(s) or secrets in the code ending up in DDOS or unauthorised access to data. 
• Ensure and maintain a clean audit position of the SOC functionally and operationally. 
• Establish and ensure the highest cyber security levels posture compliance with national institute of standards and technology (NIST), federal financial institutions examination council (FFIEC) and international organisation for standardisation / international electro-technical commission (ISO/IEC) 27001:2013 standards, other relevant standards and any applicable standards. 
• Collect the most important and critical logs and network data. 
• Create playbooks and using case organisation and storage. 
• Develop a threat register and risk profiles. 
• Use threat intelligence to focus budgets and detection efforts.