Key Performance Objectives

Security Operations:

• Assist the management team in drafting a strategic direction for the function while ensuring that this direction is aligned with that of the CISO.
• Assist with developing the Security Operations specifically improvements in Cyber Threat investigations
• Plan, design and implement an overall security management process for the function.
• The process includes: detection, triage, analysis, containment, recovery and reporting
• Innovate solutions by Investigating and implementing AI solutions to have better capability within the function.
• Mature the network access control initiatives as deemed necessary by management.
• Act as the lead for security incidents and breaches as per the defined processes.
• Improve ability to minimise and prevent further incidents by accurate documentation and post analysis of all system incidents. Forensics and Breach Management
• Assist by leading the incident response process and execution including unauthorized access, security policy violations and Data Loss Incidents
• Manage and execute processes responsible for the advanced analysis of security threat intelligence (malicious code, hackers and zero-day exploits, etc.) in order to proactively prepare for security events. Develop communication channels with the business units to ensure solid incident response and risk assessment processes
• Ensure continuous testing of all breach management processes
• Conduct red and blue team exercises as directed by management

People Management:

• Manage specialists and external Consultants team to ensure effective delivery of business unit objectives.
• Assist the manager to ensure a high performing team by embedding formal performance development and informal coaching. Encourage frequent knowledge sharing between team members.
• Motivate team members and ensure that their efforts are recognised
• Coach and mentor junior practitioners within the defensive systems field in principles and processes

Qualifications

• Degree (NQF 7) in Security/Information Technology/ OR equivalent
• Certification required – CASP, CyberSec First Responder or Comptia CySA+,
• CISSP and CISM

Experience

• Minimum of 8 – 10 years of experience in an Information Security environment with specific focus on working with security incident and event management
• Forensics and breach management experience is critical
• A proven track record of experience in the IT and Information Security Industry is critical.
• Understanding the influence of service support services on successful service delivery is critical.
• Proven knowledge and experience in the Technology Operations Environment will be an advantage.
• Project Management experience is an advantage

Technical Competencies  

• Security Incident Monitoring and Response Strategy
• Incident Management
• Problem Solving and Analysis
• Business Acumen
• Stakeholder Influence
•  Project Management