HEAD Infrastructure and Security - Stellenbosch
Salary Negotiable
Stellenbosch,
Western Cape
more than 14 days ago
HEAD OF INFRASTRUCTURE AND SECURITY
STELLENBOSCH
PURPOSE OF THE ROLE:
- The Head of Infrastructure and Security is responsible for the support and maintenance of all our physical and cloud-based server infrastructure across the organisation, as well as all our systems, applications, and information security, including access control and data retention.
Key Responsibility Areas:
• Leads the technical expertise and direction of the infrastructure & national systems team.
• Leads the IT Risk assessment, penetration test, vulnerability scans, and social engineering.
• Responsible for all data security, system backups and disaster recovery procedures.
• Responsible for conducting regular vulnerability scans and disaster recovery simulations; and
communicating the critical results to management
• Educates management & staff on security risk through continuous reporting and presentations.
• Monitors Information Security industry trends and educates the organization of critical information
• Develops, plans, and manages the Information Security Program to include policies, procedures, and standards.
• Leads the project initiatives to research, validate, and manage Information Security vendors and products to ensure robust detection, prevention, and monitoring tools are in place
• Defines the Information Security plan to resolve gaps identified from audits, risk assessments or vulnerability scans.
• Leads cyber security investigations providing summaries and recommendations to resolve the matter.
• Works closely with IT and project teams to ensure that new projects meet or exceed information security requirements
• Achieves Information Security and operational objectives by developing and executing strategic plans which reduce risk to information assets.
• Protects information assets by developing security strategies, directing system access control, monitoring, and response.
• Implements regulatory requirements, industry standards, and best practices such as POPIA (Protection of Personal Information Act), GDPR (General Data Protection Regulation), etc at a systems level, ensuring the Information Security Program is held to the highest standard.
• Work in collaboration across streams and in line with the macro compliance, risk and audit policies, functional heads & relevant Board subcommittees
• Leads Information Security, Server infrastructure & National systems projects to align with organizational strategic objectives, goals, and risk tolerance.
The successful candidate must have the following experience/skills: -
• At least 4 years of information security experience.
• At least 4 years of server administration experience.
• At least 4 years of experience with managing cloud infrastructure, including AWS & Azure
• Experience with standards and best practices such as ISO27001, SIEM, POPIA, GDPR & SOC 2 compliance.
• Required demonstrated knowledge of information technology security trends and leading best practices.
• Minimum of 2 years’ experience directly leading infrastructure or security focused staff in a team environment.
• Experience and expertise in managing and administering infrastructure and data systems.
• Minimum of 3 years’ experience in at least five of the following: access control systems and methodology; business continuity and disaster recovery planning; risk, response, and recovery; network security architecture; security management practices; audit and monitoring; enterprise and IT risk assessments; incident response management.
• Demonstrable experience of managing complex disaster recovery plans & procedures.
• Demonstrable experience of drafting and introduction of data protection and disaster recovery policies.
• Requires working knowledge of ISP’s and its operations and procedures.
• Excellent time management skills and the ability to prioritize multiple initiatives and projects.
• Ability to establish strategic direction for the department and provide the roadmap of initiatives and priorities in support of that vision.
• Ability to operate at all levels of the organization.
• Excellent interpersonal skills including oral and written communications.
• Ability to manage change within the organization.
• Ability to maintain a high level of confidentiality.
• Technically proficient in IT and Information Security controls and concepts.
• Demonstrate flexibility and the ability to work in a team environment.
• Strong organizational and planning skills, resourcefulness, and creative problem-solving skills.
Qualifications
- Degree in Computer Science, Information Technology or related field.
STELLENBOSCH
PURPOSE OF THE ROLE:
- The Head of Infrastructure and Security is responsible for the support and maintenance of all our physical and cloud-based server infrastructure across the organisation, as well as all our systems, applications, and information security, including access control and data retention.
Key Responsibility Areas:
• Leads the technical expertise and direction of the infrastructure & national systems team.
• Leads the IT Risk assessment, penetration test, vulnerability scans, and social engineering.
• Responsible for all data security, system backups and disaster recovery procedures.
• Responsible for conducting regular vulnerability scans and disaster recovery simulations; and
communicating the critical results to management
• Educates management & staff on security risk through continuous reporting and presentations.
• Monitors Information Security industry trends and educates the organization of critical information
• Develops, plans, and manages the Information Security Program to include policies, procedures, and standards.
• Leads the project initiatives to research, validate, and manage Information Security vendors and products to ensure robust detection, prevention, and monitoring tools are in place
• Defines the Information Security plan to resolve gaps identified from audits, risk assessments or vulnerability scans.
• Leads cyber security investigations providing summaries and recommendations to resolve the matter.
• Works closely with IT and project teams to ensure that new projects meet or exceed information security requirements
• Achieves Information Security and operational objectives by developing and executing strategic plans which reduce risk to information assets.
• Protects information assets by developing security strategies, directing system access control, monitoring, and response.
• Implements regulatory requirements, industry standards, and best practices such as POPIA (Protection of Personal Information Act), GDPR (General Data Protection Regulation), etc at a systems level, ensuring the Information Security Program is held to the highest standard.
• Work in collaboration across streams and in line with the macro compliance, risk and audit policies, functional heads & relevant Board subcommittees
• Leads Information Security, Server infrastructure & National systems projects to align with organizational strategic objectives, goals, and risk tolerance.
The successful candidate must have the following experience/skills: -
• At least 4 years of information security experience.
• At least 4 years of server administration experience.
• At least 4 years of experience with managing cloud infrastructure, including AWS & Azure
• Experience with standards and best practices such as ISO27001, SIEM, POPIA, GDPR & SOC 2 compliance.
• Required demonstrated knowledge of information technology security trends and leading best practices.
• Minimum of 2 years’ experience directly leading infrastructure or security focused staff in a team environment.
• Experience and expertise in managing and administering infrastructure and data systems.
• Minimum of 3 years’ experience in at least five of the following: access control systems and methodology; business continuity and disaster recovery planning; risk, response, and recovery; network security architecture; security management practices; audit and monitoring; enterprise and IT risk assessments; incident response management.
• Demonstrable experience of managing complex disaster recovery plans & procedures.
• Demonstrable experience of drafting and introduction of data protection and disaster recovery policies.
• Requires working knowledge of ISP’s and its operations and procedures.
• Excellent time management skills and the ability to prioritize multiple initiatives and projects.
• Ability to establish strategic direction for the department and provide the roadmap of initiatives and priorities in support of that vision.
• Ability to operate at all levels of the organization.
• Excellent interpersonal skills including oral and written communications.
• Ability to manage change within the organization.
• Ability to maintain a high level of confidentiality.
• Technically proficient in IT and Information Security controls and concepts.
• Demonstrate flexibility and the ability to work in a team environment.
• Strong organizational and planning skills, resourcefulness, and creative problem-solving skills.
Qualifications
- Degree in Computer Science, Information Technology or related field.
Recruiter: I T Staffing Cape Town