Purpose of the role
The core purpose of the role is to establish and maintain a framework that provides assurance that information security and strategies are aligned with and support business objectives, are consistent with applicable laws and regulations through the adherence to policies and internal controls and provide assignment of responsibilities, all in an effort to manage risk. The role also includes ensuring compliance with all the relevant privacy regulations, coordinating IT audits and playing a key supporting role in disaster recovery planning and testing.
Academic qualifications
Essential:
- 3-year Degree in Computer Science or Informatics
- CISSP, CISM
- ITIL Certification
Advantageous:
- Knowledge of ISO 27001/27002, NIST Cybersecurity Framework, POPIA.
- Candidate with critical technical and leadership-oriented IT security certifications, such as CISA, CRISC, CISSP, CISM, or equivalent.
- Established experience in planning, organizing, and developing IT security teams and strategy.
- Substantial exposure to data processing, hardware platforms, enterprise software applications and outsourced systems, with preference in Microsoft Technologies.
- Expertise in leverage of cloud-based solutions necessary to enable the distributed enterprise.
Work Experience
- 3 – 5 years proven track record in IT Security and GRC.
- 3 – 5 years experience in governing a Microsoft environment.
- 1 – 2 years in a senior leadership role, managing and growing a team within the IT Security and GRC.
- Experience in contract and vendor SLA management.
- Experience in ITSM Governance Frameworks.
- Experience in supplier contract negotiations.
- Experience with formulating IT and Security Strategies.
#J-18808-Ljbffr