Cyber Security, Risk & Governance Manager at Tiger Brands

Job Description

• The Cyber Security, Risk and Governance Manager is responsible for the monitoring and oversight related to the cyber security operations and the IT environment. This covers the full spectrum from monitoring cyber operations activities, project implementations as well as driving and reporting on the IT risk, audit and governance posture of the environment.

Responsibilities

• Report and monitor the cyber security operations environment end to end in accordance with the agreed security operations strategy, related best practices and related roadmaps;
• Form part of and / or facilitate any cyber related incidents to closure and be responsible for the management and the reporting of the incident to various stakeholders across Tiger;
• Oversee the vulnerability management capability and ensure that all critical, high and medium findings are appropriately and timeously remediated across various stakeholder groups;
• Monitor and track activities on  the security operations dashboards which clearly articulate the security operations posture at any given point in time;
• Monitor, track and provide inputs into the security and awareness programmes across Tiger based on the dashboard trends as well as topical areas applicable at a point in time;
• Manage the integration of logical and physical security to ensure that physical security gaps do not result in exposures to critical sets of information across Tiger;
• Perform the role of an access manager in providing oversight and monitoring over the SailPoint and CyberArk platforms as well as the overall Joiner/Mover/Leaver process.
• Define and manage the security operations engagement model, ensuring that roles and responsibilities across all key stakeholders are clear and documented;
• Manage any vendors who undertake activities within the security operations and BCP (Business continuity planning) environment to ensure that tasks are timeously delivered with the right levels of quality;
• Facilitate the transition of SRG specific programmes into BAU (Business as Usual) mode, such that defined solutions can be maintained post the programme implementation;
• Define and manage SLA’s (Service Level Agreements)  and OLA’s (Operational Level Agreements) between relevant stakeholders to ensure that performance is always upheld;
• Facilitate and provide input into the integration between IT and OT environments as the two landscape converge into one;
• Continuously keep abreast of developments within the security sphere (locally & internationally) and apply these developments where relevant within the Tiger environment;
• Manage the IT audit profile end to end and ensure that all findings are timeously remediated; and
• Attend and present at key security and / or BCP conferences to ensure that the Tiger Brands brand and reputation is upheld within the industry and the country at large.

Qualifications

Key attributes and competencies

• Strong management and security expertise on IT security and the manufacturing environment
• Strong report writing, positioning capabilities and negotiation skills
• Ability to convert high level requirements into technical designs that are  commercially viable and suit their operating environment
• Ability to convey a technical solution to senior management in a clear and concise manner
• Strong interpersonal and communication skills
• Strategic thinker with proven analytical and problem-solving abilities
• A team player who is hardworking and self-motivated
• Ability to effectively plan and prioritize workloads, and to measure and report on current progress

Experience

• 8+ years' experience in running operational security environments
• BCom / BSc or similar tertiary qualification is mandatory
• OT security expertise is an advantage
• ITIL experience and / or certification is an advantage
• CISSP and / or CISM and / or ISO 27000 and / or CIPP certifications is an advantage
• Cobit framework knowledge is mandatory.