Manager Information Security - Cape Town
Salary Negotiable
Cape Town,
Western Cape
more than 14 days ago
Job Description
Main purpose:
To ensure the organisations Information Security Management System is maintained and the compliance of staff and policies, procedures, guidelines and standards used to support the effectiveness of the ISMS.
Key Responsibilities:
•Carry out all ISMS activities to ensure maintenance of ISO 27001:2005, PCI-DSS certifications at South Africa sites
•Conduct risk assessments on client operations and ensure client’s information security requirements are effectively addressed
•Assist the central management team in overseeing compliance activities relating to information security and privacy
•Act as the central coordinator for actual / potentially Information Security and Privacy incidents at the location and Lead the investigations.
*
Qualifications required:
•Relevant tertiary qualification. Preferred Bachelors degrees in Computer Science or Computer Engineering.
•Industry related certification required (e.g. CISM, CISA, CEH etc.) preferred
•ISO 27001 Lead Auditor preferred
Experience required:
•At least 5 years of professional experience in either a technical IT Risk or an IT Security role
•BPO / BPM industry experience would be advantageous
Professional Knowledge and attributes required:
•Excellent communication skills (written and verbal)
•Excellent understanding of ISO27001 and PCI-DSS and integration and maintenance within an ISMS
•Good working knowledge of Information security related requirements
•Knowledge of IT Corporate Governance Principles
•Ability to evaluate and analyse threat, vulnerability, impact and risk to security issues discovered from security assessments
•Advise on InfoSec security issues, including explanation on the technical details and how they can remediate the vulnerabilities in the systems
•Manage information protection and data privacy with an understanding of POPIA and European GDPR
•Strong understanding of Information technology / IT security concepts
•A good understanding of various information system technologies including: Active directory, Networking, LAN / WAN, firewalls, IDS / IPS, Log management systems, web content filtering systems, enterprise Antivirus management systems, Patch management, OS hardening guidelines, etc
•Information system auditing experience
•Sound working knowledge of the latest Microsoft packages (Word, Excel, PowerPoint & Outlook)
Preferred skills -
•Meticulous attention to detail
•Ability to work under pressure to strict deadlines
•Ability to works towards team and individual targets
•Building and maintaining effective working relationships, both internal and external teams and clients.
Main purpose:
To ensure the organisations Information Security Management System is maintained and the compliance of staff and policies, procedures, guidelines and standards used to support the effectiveness of the ISMS.
Key Responsibilities:
•Carry out all ISMS activities to ensure maintenance of ISO 27001:2005, PCI-DSS certifications at South Africa sites
•Conduct risk assessments on client operations and ensure client’s information security requirements are effectively addressed
•Assist the central management team in overseeing compliance activities relating to information security and privacy
•Act as the central coordinator for actual / potentially Information Security and Privacy incidents at the location and Lead the investigations.
*
Qualifications required:
•Relevant tertiary qualification. Preferred Bachelors degrees in Computer Science or Computer Engineering.
•Industry related certification required (e.g. CISM, CISA, CEH etc.) preferred
•ISO 27001 Lead Auditor preferred
Experience required:
•At least 5 years of professional experience in either a technical IT Risk or an IT Security role
•BPO / BPM industry experience would be advantageous
Professional Knowledge and attributes required:
•Excellent communication skills (written and verbal)
•Excellent understanding of ISO27001 and PCI-DSS and integration and maintenance within an ISMS
•Good working knowledge of Information security related requirements
•Knowledge of IT Corporate Governance Principles
•Ability to evaluate and analyse threat, vulnerability, impact and risk to security issues discovered from security assessments
•Advise on InfoSec security issues, including explanation on the technical details and how they can remediate the vulnerabilities in the systems
•Manage information protection and data privacy with an understanding of POPIA and European GDPR
•Strong understanding of Information technology / IT security concepts
•A good understanding of various information system technologies including: Active directory, Networking, LAN / WAN, firewalls, IDS / IPS, Log management systems, web content filtering systems, enterprise Antivirus management systems, Patch management, OS hardening guidelines, etc
•Information system auditing experience
•Sound working knowledge of the latest Microsoft packages (Word, Excel, PowerPoint & Outlook)
Preferred skills -
•Meticulous attention to detail
•Ability to work under pressure to strict deadlines
•Ability to works towards team and individual targets
•Building and maintaining effective working relationships, both internal and external teams and clients.
Recruiter: wns recruitment