Senior Manager - Cyber Security at North West University

PURPOSE OF THE POSITION:

Cyber Security Specialists play a critical role in protecting an organisation’s information assets and ensuring the resilience of its cyber security defences. They provide leadership, strategic direction, and operational oversight to safeguard against cyber threats, maintain the confidentiality, integrity, and availability of sensitive information, and protect the NWU’s information assets

JOB DESCRIPTION

KEY RESPONSIBILITIES:

  Acquisition and Program/Project Management (5):

• Leads, coordinates, communicates, integrates, and is accountable for the Cyber Security program’s overall success, ensuring alignment with NWU or enterprise priorities, including overseeing CS operations & maintenance, protection & defence, analyse, operation, collection and investigation.
• Program Management (PGMG) 5:

Takes full responsibility for the definition, documentation and successful completion of complex programs.

• Quality Management (QUMG) 5:

Ensures that projects, teams and functions have appropriate CS practices and meet required organisational quality levels.

• Organisational change management (CIPM) 5:

Develops the change management approach and a change management plan in collaboration with sponsors, users and project teams. 

• Supplier Management (SUPP) 6:

Manages suppliers to meet key performance indicators and agreed targets.

• Project Management (PRMG) 6:

Have oversight for the definition, documentation and successful completion of complex Cyber Security projects.

• Portfolio Management (POMG) 5:

Ensures that CS programme/project leads and/or service owners adhere to the agreed portfolio management approach and timetable.

• Risk Management (BURM) 5:

Plans and implements complex and substantial risk management activities within the Cyber Security Programme.

 Specialist Advice:

• Specialist Advice (TECH) 6:

Provides organisational leadership and guidelines to promote developing and exploiting specialist Cyber Security knowledge in the NWU. Maintains a network of recognised experts (inside and/or outside the organisation) who can deliver expert advice in relevant areas. Provides input into professional development planning across IT to further the development of Cyber Security.

    Training, education and awareness:

• Develops, plans, coordinates, and evaluates cyber security training/education courses, methods, and techniques based on instructional needs.
• Learning Design and Development (TMCR) 6:

Specifies solutions for use in Cyber Security learning and development programs in the workplace or in compulsory, further or higher education.

  Cyber Security Management (6):

• Executes decision-making authorities and establishes vision and direction for the NWU’s cyber and cyber-related resources and/or operations.
• Information Security (SCTY) 6:

Co-develops and communicates corporate information security policy, standards and guidelines as set out in the Information governance framework.

• Information Assurance (INAS) 6:

Co-develops information assurance policy, standards and guidelines.

5.    Strategic Planning and Policy:

• Develop cyberspace workforce plans, strategies and guidance to support cyberspace workforce manpower, personnel, training and education requirements and to address changes to cyberspace policy, doctrine, materiel, force structure, and education and training requirements.
• Workforce planning (WFPL) 6:

Defines the workforce planning approach for Cyber Security in line with strategic business goals. Communicates the CS workforce planning approach and obtains organisational commitment.

MINIMUM REQUIREMENTS:

• A 4 year bachelor’s degree (NQF level 8) in Computer Science or STEM.
• A minimum of 5 years’ proven experience in network security, vulnerability assessment, penetration testing, incident response, firewall configuration, identity and access management, data encryption, secure coding practices, and security infrastructure design.
• A minimum of 5 years’ hands-on experience with security tools, conducting security assessments, and responding to security incidents.

RECOMMENDATION:

• Accreditations with the following:
• NIST foundational certification
• Certified Information Systems Security Professional (CISSP)
• Certified Information Systems Auditor (CISA)
• Certified Information Security Manager (CISM)
• CompTIA Security
• Certified Ethical Hacker (CEH)
• GIAC Security Essentials Certification (GSEC)
• Systems Security Certified Practitioner (SSCP)