Senior Manager: Information and Cyber Security

We are looking to recruit a self-motivated, proactive Senior manager who will lead the development of existing, and the implementation of new processes and procedures. Although a senior level management role, the role retains responsibility for the practical application of cyber operations. It would suit an individual who has demonstrated experience of stakeholder management and can lead a team of security analysts through the effective identification, response, and recovery process for cyber incidents, even when working under pressure.

Requirements:
• Relevant qualification at NQF level 7 (Computer Science, Information Systems or similar)
• Advanced certifications such as SANS GIAC/GCIA/GCIH, CISSP or CASP and/or SIEM-specific training and certification
• 10 years’ experience in Information technology (Enterprise infrastructure) with a minimum of 5 years in an information and cyber security role. 3 years must be experience in a senior management role at team level or higher, with demonstrated experience and understanding of project and program management
Non-technical Skills:
• Communication skills (Verbal and written)
• Strong analytical skills (analyze security requirements and relate them to appropriate security controls)
• Problem solving
• Decision making
• Prioritization and Time management
• Financial Management and budgeting
• Strategy development and planning
• Team building and HR Management
• Emotional Intelligence
• Coaching and Mentoring

Technical skills:
• Advanced proficiency in security architecture and network security
• Advanced understanding of network security including TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common network security elements.
• Hands-on experience analyzing high volumes of logs, network data (e.g., NetFlow, FPC), and other attack artifacts in support of incident investigations
• Proficiency in information security incident handling
• Proficiency with some of the following: Anti-Virus, HIPS, ID/PS, Full Packet Capture, Host Based Forensics, Network Forensics, and RSA Security
• In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g., Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, Log Logic, Splunk)
• Demonstrable understanding of mobile technology and operating systems (i.e., Android, iOS, Windows),
• Computer security (Windows, Mac, and Linux)
• Demonstrable understanding of virtualization and containerization technologies e.g., VMware technology, Kubernetes

Knowledge requirements:
• Performing risk, business impact, control, and vulnerability assessments, and in defining treatment strategies.
• Fundamentals of threat modelling.
• Fundamentals of attack frameworks such as Mitre, Lock Head kill-chain.
• Fundamentals of pen-testing methodologies such as OSSTM, ISSAF, NIST SP800-115 or PTES
• Developing and documenting security architecture and plans, including strategic, tactical and project plans.
• Common information security management frameworks, such as International Standards Organization (ISO) 2700x, the IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technology (COBIT) frameworks
• An understanding of operating system internals and network protocols.
• Familiarity with the principles of cryptography and cryptanalysis.
• Fundamentals of digital forensics (investigation oversight, host-based forensics, network forensics and forensic counter measures)
• Fundamentals of system technology security testing (vulnerability scanning and penetration testing).
• Familiarity in application technology security testing (white box, black box, and code review).

Professional registration or license requirements:
SANS GIAC/GCIA/GCIH, CISSP or CASP, CBCP, MCBI and/or SIEM-specific training and certification.