Job category: Others: Transport and Logistics
Location: Johannesburg
Contract: Permanent
Remuneration: Market Related
EE position: Yes
Introduction
Applications are invited for the position of Head of SecDevOps based at Head Office (Bruma). The successful applicant will be reporting to the Chief Technology & Information Officer. The role involves developing and implementing a SecDevOps strategy and roadmap in line with the vision and strategy of the organization. This includes leveraging evolving practices in security, application development, operations, and sourcing to provide a world-class, resilient technology environment. The successful candidate will implement and oversee Secure Software Development Lifecycle (SSDLC) best practices and foster a culture of security excellence within cross-functional teams.
Major Activities
- Develop the SecDevOps strategy to contribute to the overall departmental and organizational strategy.
- Build upon the International Civil Aviation Organisation’s aviation cybersecurity strategy to ensure safety, security, and continuity of ATNS services.
- Actively participate in the development and implementation of the national aviation cybersecurity strategy.
- Drive the adoption of best practices in software development, configuration, and support.
- Lead the secure development and maintenance of ATNS digital platforms.
- Establish an information sharing group for governance and compliance with the South African Civil Aviation Authority.
- Collaborate effectively with technology peers and colleagues across the organization.
- Transform the application landscape through scalable applications and technology.
- Ensure compliance with relevant legal and policy frameworks.
- Facilitate secure software development lifecycle.
- Drive cybersecurity controls to ensure that aviation infrastructure systems are resilient to cyber-attacks.
- Manage solution delivery initiatives for quality coding and efficient delivery.
- Facilitate continuous improvement of application development processes.
- Risk Management: Identify, evaluate, and mitigate security risks.
- Incident Response: Lead and coordinate security incident response.
- Leadership and Team Management: Oversee and mentor a team of DevSecOps engineers and specialists.
Minimum Qualifications
Bachelor’s degree in Information Technology, Information Systems, or a related field. A Master's degree is preferred. Certifications such as PMI-ACP, OSCP, CEH, CISSP, and others like TOGAF, ITIL, COBIT are advantageous. A seasoned professional with a minimum of 10 years' experience in Information Technology, including at least 5 years in SecDevOps or a related field, and 5 years in managing technical teams is required. Experience in a high technology electronic environment with knowledge of aeronautical communication, navigation, and surveillance systems is essential.
Key Knowledge Requirements
- Excellent stakeholder management.
- In-depth knowledge of ICAO global and regional plans.
- Experience in DevSecOps leadership and security management.
- Strong knowledge of secure software development practices.
- Familiarity with OWASP top 10 and other security standards.
- Proficiency in vulnerability management tools.
- Experience with CI/CD pipelines and tools.
- Knowledge of the aviation regulatory framework.
- Experience with cloud platforms and security frameworks.
#J-18808-Ljbffr
