Manager: ICT Governance & Security REF No: ICT: 30 /2024 needed at MICT SETA

Gauteng, Johannesburg ICT Full Time

Save 1 day ago

Job title : Manager: ICT Governance & Security REF No: ICT: 30 /2024

Job Location : Gauteng, Johannesburg

Deadline : December 02, 2024

Quick Recommended Links

MINIMUM REQUIREMENTS: 

  • Bachelor’s degree (NQF Level 7) in Computer Science, Information Technology, Information Security or related field 
  • A minimum of 5-7 years of experience in ICT governance, risk management, or information security. 
  • Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC) are preferred. 
  • Experience in developing and implementing ICT governance frameworks and security policies.
  • Strong knowledge of relevant laws, regulations, and standards (e.g., POPIA, ISO 27001). 
  • Proven experience in managing ICT risk assessments, audits, and compliance initiatives. 
  • Excellent communication, leadership, and stakeholder management skills 
  • Willingness to work outside of official hours 
  • A valid driver’s license and willingness to travel is essential  

ROLES AND RESPONSIBILITIES 

ICT Strategic and Operations Management 

  • Develop, implement, and maintain a comprehensive information security strategy and program. 
  • Manage the organisation’s security architecture, including firewalls, intrusion detection/prevention systems, and endpoint protection. 
  • Conduct regular security assessments, vulnerability testing, and penetration testing to identify and mitigate risks. 
  • Oversee the management of identity and access management (IAM) systems, including user provisioning, authentication, and authorisation. 
  • Ensure the secure configuration and management of ICT infrastructure and applications.
  • Ensure policies align with industry standards and regulatory requirements. 
  • Contribute to the development of supporting operational plans for the business unit to ensure execution of the strategic objectives and goals. 
  • Drive the implementation of the technology and information security operational plan by developing and allocating operational activities to various business units and ensuring alignment to the achievement of operational targets. 
  • Use insights gained through business information to compile reports, and metrics to measure success and inform the business decision making process and realign objectives. 
  • Keep abreast of changes in legislation, regulations and respond to changes through adjustments to the strategy and operational plans as required. 
  • Assist in monitor and continuously evaluate progress of the business unit’s achievements against the operational plan and strategic objectives. 
  • Continuously improve current practices and processes for improved security.

Functional Management 

  • Establish and maintain an incident response plan to manage security breaches, data breaches, and cyber-attacks. 
  • Lead the investigation, containment, and resolution of security incidents, coordinating with internal and external stakeholders. 
  • Conduct post-incident reviews and implement corrective actions to prevent future occurrences. 
  • Maintain a log of all security incidents and prepare reports for senior management. 
  • Contribute to the maintenance of the ICT risk registers 
  • Conduct security and risk assessments of change requests and ICT projects 
  • Report to management on risk assessments & audit results 
  • Develop controls to ensure compliance and security. 
  • Sustain controls throughout the data and service life cycle. 
  • Design and manage security systems, including firewalls, intrusion detection systems, anti-virus software, encryption tools, and other technology risks mitigations. 
  • Collaborate with developers and ICT operations teams to ensure security-by-design principles are integrated into cloud architectures and development pipelines. 
  • Maintain up-to-date knowledge of emerging security threats, technologies, and best practices in security. 
  • Facilitate with internal and external stakeholders to perform penetration testing and vulnerability assessments to identify and remediate security vulnerabilities and weaknesses. 
  • Perform security assessments of third-party vendors and partners to ensure they meet security requirements and standards such as ISACA. 
  • Coordinate with relevant teams to ensure readiness for potential incidents. 
  • Contribute to management and Board reports. 
  • Prepare and present quarterly, weekly, and monthly reports on security status and incidents. 
  • Report on compliance, risk management activities, and security initiatives. 
  • Provide insights and recommendations to CIO and senior management based on report findings. 
  • Develop and implement cyber security frameworks to protect against cyber threats. 
  • Stay updated on the latest cyber security trends and technologies. 
  • Implement and manage security and event management systems. 
  • Conduct internal and external security audits to identify vulnerabilities. 
  • Assist in implementing corrective actions based on audit findings. 
  • Ensure physical and logical security of all ICT facilities. 
  • Implement access control measures to protect sensitive information. 
  • Monitor facilities for security breaches and take appropriate actions. 
  • Assist in the establishment and functioning of the Security Operations Centre (SOC)  

Policy Development and Implementation 

  • Develop and enforce ICT policies and procedures related to governance, risk management, and security. 
  • Ensure that ICT policies are communicated to all stakeholders and regularly reviewed and updated. 
  • Collaborate with legal, HR, and other departments to align ICT policies with organisational policies.  

Stakeholder Management and Relations 

  • Act as the primary point of contact for ICT governance and security matters. 
  • Engage with internal and external stakeholders, including auditors, regulatory bodies, and vendors, on ICT governance and security-related issues. 
  • Provide regular reports to the CIO, senior management, and the board on the status of ICT governance, risk management, and security. 
  • Collaborate with IT teams, business units, and external partners to ensure alignment and compliance. 
  • Assisting with provisioning of effective and efficient ICT services and solutions to various departments within MICT SETA to enable them to achieve their strategic objectives. 
  • Coordinate and facilitate communication channels with internal and external key stakeholders to ensure proper messaging of ICT standards. 
  • Implement and monitor Service Level Agreements with the relevant stakeholders. 
  • Ensure that agreed service levels are consistently met on monthly basis. 
  • Gather and disseminate accurate and timely information to all relevant stakeholders. 
  • Ongoing management of strategic partners and vendors to ensure that they perform according to the SLA’s. 
  • Implementation of vendor scorecards to measure compliance with company expectations. 
  • Ensure that company SLAs are measurable and aligned with strategic partners and vendor service agreements. 
  • Conduct regular reviews of strategic partners and vendor contracts to ensure SLA’s are measurable and enable consistent delivery. 
  • Development and maintain ICT Service Catalogue 
  • Continuous improvement of ICT practices and processes. 
  • Coordinate with service providers for regular security audits and reviews.  

Governance, Risk and Compliance 

  • Identify, assess, and manage ICT risks, including cyber threats, data breaches, and information leaks. 
  • Develop and implement risk management processes, including risk assessments, risk registers, and mitigation plans. 
  • Ensure compliance with relevant laws, regulations, standards, and frameworks, such as POPIA, ISO 27001, and NIST. 
  • Liaise with internal and external auditors to coordinate ICT audits and address findings. 
  • Assist the CIO with establishment, maintenance and improvement of Standard Operating Procedures, policies, and guidelines. 
  • Assist with monitoring implementation of all relevant ICT policies in compliance with legislative prescripts and international best practices. 
  • Participate in Risk assessments, develop mitigation plans, and implement risk action plans.
  • Develop a process for data classification for security, risk, and business impact. 
  • Ensure the implementation of formal ICT security-based documentation, auditing, and testing processes. 
  • Prepare Management reports and contribute to Board reports. 
  • Ensure compliance with relevant laws, regulations, and standards. 
  • Assist in the development and implementation of an ICT governance framework aligned with organisational goals and industry best practices. 
  • Establish governance policies, procedures, and standards for ICT security. 

 Budget and Finance Management 

  • Contribute into the development and implementation of the departmental budget by ensuring financial stability. 
  • Ensure expenditure is in line with budget requirements. 
  • Assist in the management of procurement process to ensure compliance with the legislation e.g. (PFMA, PPFA, and BBBEE). 
  • Maximise revenue and reduce expenditure through effective cost control measures. 
  • Ensure that the ICT related assets are economically acquired, adequately implemented, maintained and protected in all respects. 

Security Awareness and Training 

  • Develop and implement an information security awareness and training program for the MICT SETA. 
  • Conduct regular security awareness campaigns, workshops, and training sessions. 
  • Monitor and report on the effectiveness of security awareness initiatives and adjust as needed. 

People Management 

  • Build and lead an effective and cohesive team through the effective management of office resources. 
  • Ensure the enhancement of relevant knowledge and skills through continuous coaching, mentoring and nurturing of talent in the business unit. 
  • Contribute to the creation of a high-performance culture and manage team performance effectively by translating and communicating the annual performance goals and measures into individual work plans based on agreed upon objectives. 
  • Ensure the working environment contributes to improving employee engagement, recognition and increased productivity. 
  • Ensure the management of poor performance and disciplinary matters in line with the MICT SETA’s policies and procedures.  

ICT Service Continuity / Disaster Recovery 

  • Improve ICT services through implementation of secure technologies. 
  • Assist in the development of ICT Service Continuity / Disaster Recovery Plans and lead in implementation thereof. 
  • Maintain business continuity plans to ensure continuation of critical operations during disruptions. 
  • Design and test disaster recovery plans to minimize data loss and downtime. 
  • Establish methods and procedures to enable the CIO and MANCO to assess risks and business impact in determining ICT Service Continuity practices. 
  • Manage backup procedures and systems. 

How to Apply for this Offer

Interested and Qualified candidates should Click here to Apply Now

  • ICT jobs
Apply for this job

Share this job