Senior Manager: Cyber Forensics at Road Accident Fund

Key Performance Areas

Cyber Investigations

• Oversee cyber investigations (network security breaches, unlawful and unauthorised access application servers, userIDs compromised, data manupulation and data theft) as per the applicable methodologies.
• Lead the analysis of networks, application systems and databases.
• Lead digital forensics or reverse engineering assignments.
• Allocate cyber forensic investigations in line with set guidelines and standards.
• Monitor cyber investigations progress and provide progress to relevant stakeholders.
• Report control failures identified during the investigation to relevant management.
• Quantify financial losses on the investigated case.
• Provide litigation support (testifying at disciplinary hearing, CCMA and court) and assist law enforcement agencies as and when required.
• Coordinate identification of systems and logs to be analysed based on the nature of the breach.
• Provide guidance on tracing user activitiy (file manipulation, usb activity, physical and virtual keyloggers, browser history, chat analysis, cloud activity).
• Lead the maintanance of data and documentation according to prescribed digital forensic chain of custody protocols.
• Manage awareness on different cyber security risk as well as improved security solutions, processes, and the overall development of new attacks and threats.

Fraud Detection

• Oversee the development or procurement of fraud detection tools to ensure effective data interrogation platforms.
• Participate in threat intelligence activities and guide the identification of vulnerabilities within the RAF.
• Stay abreast of cyber security improvements and monitor the maintenance of compliance and security requirements while developing mitigating solutions.
• Oversee the execution of link and relationship analysis on individuals againts the alleged misconduct to establish irregularities.
• Lead the data extraction and conversion based on assignments
• Lead the data analysis and data mining projects.
• Oversee the computer and email imaging.
• Lead the implementation of fraud detection strategies to detect trends, patterns and advise controls enhancement.
• Lead the execution of lifestyle audits.
• Provide guidance on relationship mapping assignments.
• Collaborate with Information Security on awareness initiatives and phishing simulation.
• Ensure the provision of strategic direction in fraud detection and cybercrime investigations for internal and external parties.
• Oversee the management of the anonymous fraud reporting line.

Strategy Development and Operational Planning

• Guide the implementation of the cyber forensics, strategy and plans that ensure alignment with short and long-term objectives.
• Guide the development and implemenation of the fraud detection strategy.
• Guide the implementation and annual review of the overall Strategic Plan for the department.
• Provide strategic input and guide the plan of the current and future interventions necessary to achieve acceptable levels and standards of the RAF strategy and operational plans to the Executive forum.

Policy Review and Implementation

• Oversee the development and implementation of policy, procedures and processes.
• Provide input in the Cyber Security Strategy.
• Work with appropriate structures to ensure effective execution of policy and practices.
• Provide advice and guidance to the Policy department on legislative compliance, emerging issues, risks and the implementation of changes required on policy matters.

Reporting

• Quality review cyber investigation reports and adhere to applicable standards and guidelines.
• Present reports on data analysis projects to Management and Executives.
• Present lifestyle audits reports to Management and Executives.
• Present cyber forensic reports to Management and Executives.
• Report quarterly on progress with implementation of operational plans.
• Manage the development of functional reporting systems, project or performance reporting for management.
• Manage the development of reports/ policies/ procedures and guide the process through the alignment of these documents to the overall RAF’s Strategy.

Stakeholder Management

• Provide advice in the IT systems implementations projects.
• Engage with relevant internal stakeholders during investigations.
• Recommend corrective actions to senior managers, heads of departments to improve their processes and controls to prevent similar incidents of fraud reoccuring in future.
• Maintain proactive and progressive relationships with key stakeholders including commercial crimes unit (cyber unit)/ Hawks and asset forfeiture unit. etc.

Financial Management

• Ensure that the periodic financial and strategic goals of RAF as well as the performance expectations of the various teams within are achieved.
• Report and review Forensics Departments' financial and non-financial goals.
• Implement sufficient internal control measures are implemented for adherence to PFMA, RAF and other relevant legislation and regulation.
• Manage, monitor and control the department expenses budget.

People Management

• Ensure sourcing, development and retention of a high-performing team.
• Ensure the organisation's team members' motivation, cohesiveness and alignment.
• Manage staff in the department to ensure that they achieve their objectives in line with the strategic objectives of the RAF.
• Implement people management processes and procedures to control or regulate workplace conflict and/or institute corrective measures and consultation processes to address deviations from standards.

Qualifications and Experience

• Bachelor’s Degree/ Advanced Diploma in Computer Science, Information Technology, Digital Forensic, CyberSecurity.
• Postgraduate qualification in Information Technology, Computer Science, Digital Forensic, CyberSecurity.
• Certified Fraud Examiner (CFE) or Commercial Forensic Practitioner (CFP).
• Relevant 9 - 10 years’ experience in cyber crime investigations, digital forensics, intelligence analysis and data analytics environment of which 3 years must be on management level.

Technical and Behavioural Competencies Required

• Strategic capability.
• Business and financial acumen.
• Compliance and governance.
• Leadership agility.
• Client Service Orientation. 
• Policy conceptualization and formulation.
• Risk management.
• Service delivery innovation.
• Reporting.
• Excellent knowledge of proper evidence collection, analysis and reporting techniques.
• Excellent knowldege on lifestyle audits key indicators.
• Ablity to encrypt and decrypt digital data.
• Experience in investigations of cyber breaches.
• Excellent knowledge in data extraction, data analysis and conversion.
• Experience in tracing user activity (file manupulation, chat analysis, cloud activity, usb activity, browser history).
• Very good knowledge of Criminal law.
• Very good knowledge of litigation support (Testifying at disciplinary hearings, CCMA and court).
• Experience in working with law enforcement agencies and financial sectors (Banks).
• Very good knowledge in developing cyber/ digital forensic strategy.
• Very good knowledge in analysing structured and unstructured data.
• Proficiency in forensic tool suites not limited to:
• Analyst Notebook
• ACL
• Linux
• MacOS