Job category: FMCG, Retail, Wholesale and Supply Chain
Location: Cape Town
Contract: Permanent
Remuneration: Market Related
EE position: No
Introduction
At Woolies we are on a mission to build and develop a high-performing cyber security function in support of a complex business undergoing digital transformation. We are looking for a senior leader in the cybersecurity team to take responsibility for cyber security operations across Woolworths South Africa. The objective is to continue building and enhancing the function with a strong focus on people development while leveraging modern technology solutions and specialist third parties to continually improve security posture. This role reports to the CISO and is a leadership role requiring demonstrable experience in strategy and delivery of cyber security operations. Experience in modern SecOps environments and technology is required.
Responsibilities
- PEOPLE
- Enhancing cyber intellectual capital: Leadership and management of the cyber security team covering talent development and performance management.
- Building culture and teaming: Management of internal partnerships for execution, including context setting, skills transfer, and up-skilling.
- Management of key external security partner and service relationships.
- PROCESS
- Work with the CISO and other key stakeholders to define and drive a threat-informed and risk-based cyber security strategy.
- Take responsibility for security operations covering offence and defence, incident response, and threat intelligence.
- Contribute to the ongoing improvement of cyber security operations, processes and ways of working.
- Translate strategic security requirements into practical solutions and drive implementation.
- Contribute to the ongoing maintenance and enhancement of Cyber and Information Security Policies, Standards, Procedures and Guidelines.
- Remain aware of global security industry trends and influence the strategy accordingly.
- Manage forecasts and budgets.
- CUSTOMER
- Understand Cyber, IT and Business strategies and contribute to the creation and delivery of annual cyber security roadmap and execution.
- Plan and prioritize projects and workload to deliver to the roadmap.
- Provide updates, context and feedback to relevant stakeholders.
Competencies
- Technical Acumen : Makes sound technical decisions based on understanding of what is commercially achievable within technological constraints.
- Business & Commercial Acumen : Responsive to external influences on the organisation.
- Analytical Thinking : Effectively applies substantial in-depth analysis to determine and meet requirements.
- Results Orientation : Plans and ensures implementation of activities/projects identified in business strategy.
- Communication : Actively listens, interprets and presents messages in different ways to enhance understanding.
Minimum Requirements
- 12 years relevant experience in the cyber and information security discipline.
- 6 years experience in people leadership.
- Demonstrable experience in leading a specialised team within a large environment.
- Experience with security frameworks, practices, technologies, and processes.
- Resiliency, determination, and pragmatism.
- May be required to assist outside of working hours.
Additional Criteria
- Practical experience with the MITRE ATT&CK framework.
- Working knowledge of PCI-DSS.
- Previous hands-on technical security experience is advantageous.
- 3-year IT qualification is advantageous.
- Post-graduate degree and industry certifications are advantageous.
#J-18808-Ljbffr