Senior Manager: Information and Cyber Security at Believe Resourcing Group

About the Role
The Information Security team is responsible for protecting the confidentiality, availability and integrity of the
one of South Africa's leading Universities' information and information systems.
 

• You are a self-motivated, proactive Senior manager who will lead the development of existing, and the
• implementation of new processes and procedures. Although a senior-level management role, the role retains
• responsibility for the practical application of cyber operations. It would suit an individual who has demonstrated
• experience in stakeholder management and can lead a team of security analysts through the effective identification,
• response, and recovery process for cyber incidents, even when working under pressure.

Skills and experience

• Do you have demonstrable experience leading and managing operational information and cyber security service delivery and experience working in cyber security operations?
• Proven ability to act as the escalation point for all security incidents that require attention and timely
•   responses?
• Can you effectively manage security incidents, ensuring the appropriate process is followed from start to
•   finish e.g., Coordinate response, triage and escalation of security events affecting information assets and activities within a Computer Incident Response team?
• Can you review new SIEM use cases, and run books that provide guidelines for analyzing and responding to
•   specific threats related to the new use case?
• Are you looking to take your cyber security skillset to the next level, leading and developing others?
• Do you possess excellent interpersonal skills, with the ability to communicate with staff at all levels?
• Are you able to build effective working relationships with internal and external stakeholders?
• Requirements for the job:
• Relevant qualification at NQF level 7 (Computer Science, Information Systems (information and/or security domain as major) or similar)
• Advanced certifications such as CISM, CISSP or CASP which are current
• 10 years’ experience in Information technology (Enterprise infrastructure) with a minimum of 5 years in an information and cyber security role
• 3 years experience in a senior management role at team level or higher, with demonstrated experience and understanding of project and program management

Technical competencies for the job:

• Hands-on experience analyzing high volumes of logs, network data (e.g., NetFlow, FPC), and other attac artefacts in support of incident investigations
• Proficiency in information and cybersecurity incident handling
• Knowledge of legal, regulatory, and privacy requirements
• Knowledge of Data Loss Prevention, Data Replication, and Disaster Recovery Systems.
• A deep understanding of Technology Security risks and mitigating solutions
• Strong knowledge and implementation of ISO/IEC 27001/2:2022 or 2013 Cybersecurity Framework
• Knowledge of legal, regulatory, and privacy requirements
• Knowledge of Centre of Internet Security Framework (CIS)
• Knowledge of COBIT 2019 and NIST frameworks
• Strong knowledge and experience with defining and implementing controls to protect personal information and privacy in alignment with POPIA
• Proficiency in three or more of the following: Anti-Virus, IDS/IPS, Full Packet Capture, Host-Based Forensics, Network security, and/or RSA Security
• In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform(e.g., Nitro/McAfee Enterprise Security Manager, SIEMonster, ArcSight, QRadar, Log Logic, Splunk)
• Demonstrable experience in securing and knowledge of mobile technology and operating systems (i.e., Android, iOS, Windows)
• Demonstrable experience in implementing and knowledge of computer security (Windows, Mac, and Linux)
• Understanding of virtualization and containerization technologies e.g., VMware technology, Kubernetes

  
Non-Technical competencies for the job:

• Proven ability to work under stress in emergencies, with the flexibility to handle multiple high-pressure   situations simultaneously
• Experience in cyber security strategy and roadmap development
• Excellent written and verbal communication skills with the ability to form effective working relationships with nother staff and stakeholders
• Confident in communicating technical cyber security risks, incidents and threats to non-technical staff and stakeholders
• Determination and tenacity to drive service and security improvements across the business and the ability to assess the effectiveness of control measures and make improvement suggestions
• Proven hands-on operational experience within cyber security with a broad knowledge of the subject/domains
• Ability to work well under minimal supervision