SANReN CyberSecurity Manager at Council for Scientific and Industrial Research (CSIR)

About the job:

• The CSIR has a vacancy for SANReN Cybersecurity Manager in the South African National Research Network (SANReN) programme within the National Integrated Cyberinfrastructure System (NICIS), which is hosted by the Next Generation Enterprises and Institution (NGEI) cluster. The incumbent will be responsible for leading, developing, and maintaining cybersecurity and related services for NICIS and SANReN, as well as providing cybersecurity support and consulting to the SANReN constituency. The position is based in Pretoria and will report to SANReN Director.

Key responsibilities:

• Manage the SANREN CSIRT (Cybersecurity Specialists with skills in information security, system administration, network engineering and IT services development) to implement the SA NREN information security strategy;
• Drive SA NREN information security and risk posture planning activities;
• Take the lead in defining policies and processes (culminating in an incident response plan) for handling information security incidents at the SA NREN level;
• Design and implement reactive and/or pro-active CSIRT services;
• Coordinate efforts to identify threats to, and vulnerabilities of SA NREN infrastructure;
• Research new cybersecurity trends, threats and risks, including innovating new tools for an efficient SANREN CSIRT
• Report to and advise the NICIS Management Team, SANReN Management Team, TENET Executive and TENET Board on the information security posture of SA NREN IT resources;
• Coordinate mechanisms for distributing information security alerts and warnings including incident-related activity, critical patches, etc. to the community;
• Collaborate with partners to enhance incident prevention and protection activities, particularly the TENET CSIRT team;
• Represent the CSIRT nationally and internationally at various forums, such as the Forum of Incident Response and Security Teams (FIRST); 
• Organise/coordinate SA NREN CSIRT education and training events ¿ e.g. workshops, training events and awareness campaigns;
• Define the vulnerability management process (patching, workarounds, etc.) for SA NREN infrastructure; and the development of penetration testing capabilities
• Lead the mitigation of identified threats to and vulnerabilities of SA NREN infrastructure;
• Manage compliance and audit tasks related to information security;
• Direct the implementation/adaptation of a ticketing system for tracking incidents, response actions and maintaining incident history/statistics;
• Contribute to SANReN's services development and incubation (SDI), Network Engineering (NE) and Project Management and Procurement (PPM) activities;
• Supporting national and international information security strategic initiatives;
• Contribute to SANReN's strategic planning, marketing and communications, as well as risk management activities;
• Contribute to NICIS activities aimed at developing and delivering a portfolio of integrated science data transport, stewardship and high-performance computing services;
• Provide mentorship and technical coaching.

Qualifications, skills and experience:

• A Master's degree in computer/electronic engineering, computer science or related fields with at least ten years' experience in ICT, of which five years should be in information security e.g. incident handling, risk management, security engineering, auditing (with preferably two years as part of a CSIRT/CERT/SOC);
• A Doctoral degree in computer/electronic engineering or computer science will be advantageous;
• Must have at least one security-related certification: (i.e. CISSP, Security+, CASP, CISA, CISM, ISO 2700x/27035, CRISC, SSCP, GIAC, TRANSITS, CEH);

The following would be advantageous:

• Professional registration with relevant bodies, e.g. Professional Engineer with the Engineering Council of South Africa (ECSA) or Institute of Information Technology Professionals in South Africa (IITPSA);
• Relevant industry certifications in project management and/or services management

Skills and knowledge in the following areas:

• Data handling and interpretation;
• Vulnerability assessments, identification and resolution;
• Penetration testing principles, tools and techniques;
• Configuration and use of network protection components / securing networks;
• Identifying critical information infrastructure;
• Risk assessments, auditing, etc.
• Security architecture;
• Incident response policy and procedure development;
• IT operations, Help desk, ISSO / ISSE, policy writing, compliance, software and systems development, system administration, etc.
• System and/or network administration;
• Network applications and services;
• Software development: programming and scripting;
• General security / information assurance principles;
• Cyber security threats, attack types, vulnerabilities and exploit methodologies;
• Incident response/handling methodologies, categories, procedures;
• Good understanding of common security tools and techniques, e.g. SIEM, IDS/IPS, Netflow analysis, protocol analysis, vulnerability assessment, log aggregation, event correlation;
• Cryptography.
• Ability to lead a team;
• Ability to provide thought leadership and high-level conceptualisation;
• Excellent communication and presentation skills;
• Conflict management skills;
• Decisiveness and action orientation;
• Appropriate national and international RDI networks;
• South African Citizen is necessary as a Security Clearance may be required for this position.

What's in it for you?

The CSIR offers:

• Flexible hybrid work arrangement.
• Learning and development opportunities.
• Competitive and market-related remuneration packages.
• Total guaranteed salary packages which encompass contributions to the pension fund, risk insurance and medical scheme.
• We openly acknowledge and reward our employees' contributions and accomplishments through our esteemed CSIR Excellence Awards.

Closing Date

16/02/2026