- Published on
NATIONAL STUDENT FINANCIAL AID SCHEME (NSFAS) – GENERAL MANAGER: INFORMATION SECURITY
NATIONAL STUDENT FINANCIAL AID SCHEME (NSFAS)
The following vacancy exists at NSFAS in Cape Town.
Position: General Manager: Information Security
Type & Grade: Permanent, Grade: 14
Vacancy No: 30 of 2020/21 Department & Unit ICT Department
POSITION OVERVIEW:
The successful applicant will be required to define and execute the strategic direction of the information security program across the organization. The candidate will also be responsible for developing and coordinating cyber security initiatives. This includes the protection of the organization’s infrastructure and data assets against threats, such as security breaches caused by system malware, internal threats and attacks by cyber-criminals.
The candidate will oversee the governance and management of the information security program and advance its overall mission to identify and mitigate any information security-related risks
The candidate should have previous experience in managing information security teams and must have a strong background in information technology with a clear understanding of challenges of information security.
RESPONSIBILITIES:
• Research the latest information technology security trends
• Monitor organisation’s networks for security breaches and investigate violations when they occur
• Help to design, implement, and maintain the organisation’s cyber-security plan
• Development organization strategies that address information control requirements
• Develop and direct implementation of security standards and best practices for the organisation
• Direct the installation and use of security tools, to protect sensitive information
• Recommend security enhancements
• Ensure that IT security audits are conducted periodically or as needed
• Ensure architectural principles are applied during design to reduce risk and drive adoption and adherence to policy, standards and guidelines
• Ensure compliance with business strategies and information security and lead the provision of information security resources expertise, guidance and systems necessary to execute strategic and operational plans across the organisation's information systems
• Communicate corporate information security policies, standards and guidelines
• Identify and monitor environmental and market trends and pro-actively assessed the impact of business strategies, benefits and risks
• Lead the provision of authoritative advice and guidance on the requirements for security controls in collaboration with experts in other functions
DESIRED SKILLS AND EXPERIENCE
Minimum requirements:
• Master’s Degree in Information Systems, Computer Science, or related field
• In-depth knowledge of information security governance, policies and procedures
• Experience in industry standards, regulations, and guidelines in information technology security
• Minimum of 10 years of experience in a combination of information security and IT jobs which at least five (5) years is in an Executive/ Senior ICT Management role.
• Certification in at least one industry recognized professional Information Security certification i.e. CISSP, CISA, CISO or similar
• Certification in at least one Information Security industry standard i.e. ISO27001, NIST, or similar.
• Project management skills: financial/budget management, scheduling and resource management
• Strong technical background in multiple ICT Domains
• Sound knowledge of business management and a working knowledge of information security risk management and cyber security technologies
• Ability to lead and motivate the information security team to achieve tactical and strategic goals, even when only "dotted line" reporting lines exist
• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels, ranging from board members to technical specialists
• Experience at an organisational level important, as well as portfolio level
• Knowledge and broad understanding of the use of ICT as a business driver
• Demonstrate an understanding of governance and frameworks (SLDC)
• Proven track record of leading within an organisation undergoing transformational change
• Demonstrate an understanding of Organisational strategic planning and budgeting
• Knowledge and understanding of relevant legal and regulatory requirements
• Operated within the portfolio of Strategy formulation with documented commercialisation of such initiatives into target market
Beneficial skills and experience:
• Understanding of the higher and further education and training sector in South Africa
• Other relevant certifications, RESILIA/COBIT/ ITIL or similar
• Relevant technical ICT certifications
• Experience with security infrastructure, firewalls, Web Proxies, IPS, etc. (preferred - Cisco ASA and FortiGate)
• Experience with networking technologies, LAN, WAN, DMZ, etc. (preferred - Cisco and HP)
• Experience with server and infrastructure services (MS Windows, Exchange, Active Directory, Anti-Virus, etc.)
• Experience with web application and security
• Experience with Infrastructure and application monitoring and management tools and software.
• Experience with Security Information and Event Management (SIEM) solutions, vulnerability scanning, penetration testing.
• Identify and monitor environmental and market trends and pro-actively assessed the impact of business strategies, benefits and risks
• Lead the provision of authoritative advice and guidance on the requirements for security controls in collaboration with experts in other functions
DESIRED SKILLS AND EXPERIENCE
Minimum requirements:
• Master’s Degree in Information Systems, Computer Science, or related field
• In-depth knowledge of information security governance, policies and procedures
• Experience in industry standards, regulations, and guidelines in information technology security
• Minimum of 10 years of experience in a combination of information security and IT jobs which at least five (5) years is in an Executive/ Senior ICT Management role.
• Certification in at least one industry recognized professional Information Security certification i.e. CISSP, CISA, CISO or similar
• Certification in at least one Information Security industry standard i.e. ISO27001, NIST, or similar.
• Project management skills: financial/budget management, scheduling and resource management
• Strong technical background in multiple ICT Domains
• Sound knowledge of business management and a working knowledge of information security risk management and cyber security technologies
• Ability to lead and motivate the information security team to achieve tactical and strategic goals, even when only "dotted line" reporting lines exist
• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels, ranging from board members to technical specialists
• Experience at an organisational level important, as well as portfolio level
• Knowledge and broad understanding of the use of ICT as a business driver
• Demonstrate an understanding of governance and frameworks (SLDC)
• Proven track record of leading within an organisation undergoing transformational change
• Demonstrate an understanding of Organisational strategic planning and budgeting
• Knowledge and understanding of relevant legal and regulatory requirements
• Operated within the portfolio of Strategy formulation with documented commercialisation of such initiatives into target market
Beneficial skills and experience:
• Understanding of the higher and further education and training sector in South Africa
• Other relevant certifications, RESILIA/COBIT/ ITIL or similar
• Relevant technical ICT certifications
• Experience with security infrastructure, firewalls, Web Proxies, IPS, etc. (preferred - Cisco ASA and FortiGate)
• Experience with networking technologies, LAN, WAN, DMZ, etc. (preferred - Cisco and HP)
• Experience with server and infrastructure services (MS Windows, Exchange, Active Directory, Anti-Virus, etc.)
• Experience with web application and security
• Experience with Infrastructure and application monitoring and management tools and software.
• Experience with Security Information and Event Management (SIEM) solutions, vulnerability scanning, penetration testing.
Competencies:
• Strategic Capability and Leadership (Advanced level required)
Involves building and sustaining relationships and managing in the political cultural context. To also create and drive the vision, the Strategy and lead people to execute the mandate of the organisation.
• People Management and Empowerment (Advanced level required)
The ability to achieve goals through others, therefore ensuring that they perform, and are managed and developed in order to achieve the desired results.
• Programme and Project Management (Advanced level required)
Mandates are achieved through programmes and projects designed to address needs. This entails managing programmes and projects which are strategic in nature and involves the management of people, finance/budget and expenditure of the programme or project.
• Financial Management (Moderate level required)
Managing all finance aspects of the organisation particularly budgeting and spending and the success of all programmes and projects of the organisation.
• Change Management and Leadership (Moderate level required)
Change Leadership is about transforming and aligning an organization through its people to drive for improvement in new and challenging directions. It is energizing a whole organization to want to change in the same direction. It involves developing and implementing turn around strategies to accelerate transformation.
• Market Knowledge (Moderate level required)
Market Knowledge is about understanding the market in which a business operates. This business context can include the competition, the suppliers, the customer base and the regulatory environment.
• Customer Impact (Moderate level required)
Customer Impact is about serving and building value- added relationships with customers or clients, be they internal or external.
• Commercial Orientation (Moderate level required)
Commercial Orientation is about identifying and moving towards business opportunities, seizing chances to reduce costs and increase revenue.
• Results Orientation (Moderate level required)
Results Orientation is about being focused on improvement of business results.
• Collaboration and Influence (Advanced level required)
Collaboration and Influence are about working effectively with, and influencing those outside of, your functional area for positive impact on business performance.
Personal attributes:
• Willing and wanting to work flexible times as required
• Goal-oriented
• Passionate about problem solving
• Detail focused
• Excellent time management
• Excellent written and verbal communication skills
• Confident, enthusiastic and self-motivated
• Ability to work independently as well as part of a team
• Ability to understand new systems quickly
• Must be able to work well under pressure and meet deadlines
REMUNERATION & BENEFITS
Remuneration Package: R 1 222 639 to R 1 461 828 per annum Total Cost to Company per annum inclusive of all benefits and company contributions.
PLEASE NOTE
Closing date: 23 July 2020
Interested applicants should send detailed Curriculum Vitae, copies of academic qualifications and names of three contactable referees to Ms. Fayroes Sherry via email jobs@nsfas.org.za.
NSFAS do not consider late applications. Staff on Leave must ensure that they check the NSFAS portals for advertised vacancies and familiarize themselves with the respective closing dates. NSFAS only corresponds with Shortlisted Candidates. If you do not hear from NSFAS within 2 months of the closing date, please consider your application unsuccessful.
** NSFAS committed to employment equity. Preference will be given to candidates who improve employment equity considerations **
10 Brodie Road, House Vincent, 2nd Floor, Wynberg, Cape Town, 7700 | Private Bag X1, Plumstead, Cape Town, 7800 Tel No.: 0800 067 327 | 021 763 3200 | Email: jobs@nsfas.org.za