Formal Education


Diploma / Bachelors degree in Computer Science, Information Systems, Information Security, or related discipline from an accredited tertiary institution

Experience

â—?

At least five (5) years demonstratable experience/knowledge of Information Security / Cybersecurity

â—?

Experience advising customers on architectures meeting industry standards such as PCI DSS, ISO 27001, CIS Standards, HIPAA, and NIST/DoD frameworks.

Technical/Legal Certification

â—?

Relevant IT Security certification such as COBIT, CISSP, CISM, CISA, CGEIT, TOGAF, SABSA and any other Governance related qualification.

Responsibilities

Act as security specialist utilising current information security technology disciplines and industry standards
to ensure confidentiality, integrity, and availability of information assets.
Security requirements management by definition and linking of security mechanisms to functional requirements
Develop reference security architectures and frameworks (including requirements, design patterns, and other artefacts) for use throughout the Department.
Develop security strategies and develop guidance documentation that drive the strategy.
Evaluate new and emerging security technologies for potential suitability in the Department''s environment.
Development of security policies, security standards, and risk governance processes.
Participate in the governance process to influence projects to adhere to industry standards, and all relevant security policies.
Develop and foster relationships with technical teams and business partners in order to create an integrated approach that provides data integrity, information confidentiality, and service availability.
Partner with Application Delivery, Compliance, Audit, Engineering, and Information Security to ensure that the Information Security Principles are embedded into new initiatives.
Participate in IT security audit activities both internal and external, ensuring compliance to national regulations, POPI, Data Privacy standards and Payment Card Industry standards.
Detailed attack modelling and security mechanism specification for hardware and software blocks.
Advising and training the team on design, implementation and test of software security mechanisms.
Root cause analysis of security defects
Design, build and implement enterprise-class security systems for a production environment.
Align standards, frameworks and security with overall business and technology strategy.
Identify and communicate current and emerging security threats.
Design security architecture elements to mitigate threats as they emerge
Create solutions that balance business requirements with information and cyber security requirements
Identify security design gaps in existing and proposed architectures and recommend changes or enhan