HEAD OF INFRASTRUCTURE AND SECURITY

SUMMARY:

HEAD OF INFRASTRUCTURE AND SECURITY

POSITION INFO:

PURPOSE OF THE ROLE:

-          The Head of Infrastructure and Security is responsible for the support and maintenance of all our physical and cloud-based server infrastructure across the organisation, as well as all our systems, applications, and information security, including access control and data retention.

Key Responsibility Areas:

·         Leads the technical expertise and direction of the infrastructure & national systems team.

·         Leads the IT Risk assessment, penetration test, vulnerability scans, and social engineering.

·         Responsible for all data security, system backups and disaster recovery procedures.

·         Responsible for conducting regular vulnerability scans and disaster recovery simulations; and

communicating the critical results to management

·         Educates management & staff on security risk through continuous reporting and presentations.

·         Monitors Information Security industry trends and educates the organization of critical information

·         Develops, plans, and manages the Information Security Program to include policies, procedures, and standards.

·         Leads the project initiatives to research, validate, and manage Information Security vendors and products to ensure robust detection, prevention, and monitoring tools are in place

·         Defines the Information Security plan to resolve gaps identified from audits, risk assessments or vulnerability scans.

·         Leads cyber security investigations providing summaries and recommendations to resolve the matter.

·         Works closely with IT and project teams to ensure that new projects meet or exceed information security requirements

·         Achieves Information Security and operational objectives by developing and executing strategic plans which reduce risk to information assets.

·         Protects information assets by developing security strategies, directing system access control, monitoring, and response.

·         Implements regulatory requirements, industry standards, and best practices such as POPIA (Protection of Personal Information Act), GDPR (General Data Protection Regulation), etc at a systems level, ensuring the Information Security Program is held to the highest standard.

·         Work in collaboration across streams and in line with the macro compliance, risk and audit policies, functional heads & relevant Board subcommittees

·         Leads Information Security, Server infrastructure & National systems projects to align with organizational strategic objectives, goals, and risk tolerance.

The successful candidate must have the following experience/skills: -

-        At least 4 years of information security experience.

-        At least 4 years of server administration experience.

-        At least 4 years of experience with managing cloud infrastructure, including AWS & Azure

-        Experience with standards and best practices such as ISO27001, SIEM, POPIA, GDPR & SOC 2 compliance.

-        Required demonstrated knowledge of information technology security trends and leading best practices.

-        Minimum of 2 years’ experience directly leading infrastructure or security focused staff in a team environment.

-        Experience and expertise in managing and administering infrastructure and data systems.

-        Minimum of 3 years’ experience in at least five of the following: access control systems and methodology; business continuity and disaster recovery planning; risk, response, and recovery; network security architecture; security management practices; audit and monitoring; enterprise and IT risk assessments; incident response management.

-        Demonstrable experience of managing complex disaster recovery plans & procedures.

-        Demonstrable experience of drafting and introduction of data protection and disaster recovery policies.

-        Requires working knowledge of ISP’s and its operations and procedures.

-        Excellent time management skills and the ability to prioritize multiple initiatives and projects.

-        Ability to establish strategic direction for the department and provide the roadmap of initiatives and priorities in support of that vision.

-        Ability to operate at all levels of the organization.

-        Excellent interpersonal skills including oral and written communications.

-        Ability to manage change within the organization.

-        Ability to maintain a high level of confidentiality.

-        Technically proficient in IT and Information Security controls and concepts.

-        Demonstrate flexibility and the ability to work in a team environment.

-        Strong organizational and planning skills, resourcefulness, and creative problem-solving skills.

Qualifications

-          Degree in Computer Science, Information Technology or related field.

NB! This job is now closed. You can apply for other jobs by uploading your CV.