Manager: Cyber and Information Security Implementation and Governance - BSTD at South African Reserve Bank

Brief description

The main purpose of this position is to manage the cyber-governance team outputs as well as to drive the implementation of the cyber and information security programme within the South African Reserve Bank Group (SARB Group).

Detailed description

The successful candidate will be responsible for the following key performance areas:

• Provide input to the divisional operational plan to ensure achievement of strategic and operational objectives.
• Define, plan and allocate work for the security governance team, in alignment with departmental and operational plans.
• Manage the performance and development of the team.
• Coach, steer, motivate and supervise the outputs of the team, ensuring quality in execution of work delivered through staff.
• Guide the refinement and continuous improvement of tools, methods and processes in the areas of security risk, threat and policy management.
• Drive the implementation of the cyber and information security (CIS) programme by defining the scope, objectives and deliverables based on organisational inputs and risk profile changes.
• Work closely with the cyber security technical consultant to ensure alignment of cyber technologies within the programme.
• Ensure appropriate procurement and contracting for the CIS programme through liaising with CIS Unit.
• Lead and participate in engagements with relevant stakeholders/clients, within the SARB Group and external parties, displaying a service orientation in own work and the ability to solicit information as well as to convey and explain information fluently.
• Lead governance structures for the CIS programme to ensure alignment of roles and activities by various stakeholders across the SARB Group.
• Manage the provision of management information for the purposes of decision making.

QUALIFICATIONS

Job requirements

To be considered for this position, candidates must be in possession of:

• a Bachelor’s degree (NQF 7) in Security, Information Technology or an equivalent qualification;
• a certificate in Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM); and
• 8 to 10 years experience in a cyber and information security management environment with a minimum of two years exposure to a holistic enterprise wide cyber and information security programme implementation.

Additional requirements include:

• solid knowledge of leading information security best practices, relevant legislation; information technology trends; project and programme management; and procurement and contract management;
• promoting team work;
• developing and growing others;
• effective communication;
• leading change;
• establishing focus;
• drive for results;
• service and stakeholder focus;
• impact and influence;
• planning and organising;
• developing and managing relationships;
• driving results;
• flexibility; and
• judgement and decision making.