Picture
 
SOUTH AFRICAN NATIONAL PARKS (SANPARKS)
 
Manager: Information Technology (IT) Security
Park: Groenkloof (Head Office)
Description:
The organisation requires the services of a Manager: Information Technology Security to be based at Groenkloof National Park, Pretoria.
 
Interested persons who meet the criteria should forward their applications and detailed Curriculum Vitae to:
Human Resources Division
SA National Parks
PO Box 787
PRETORIA
0001
Fax: 086 295 4078
Email: jobapplications@sanparks.org
 
For more information, please send an email to Reginah.Visser@sanparks.org. Please do not send your application to this mailbox, it is meant for enquiries only.
Applicants in possession of foreign qualifications to submit evaluated results by the South African Qualification Authority.
If you have not been responded to within 21 days of the closing date, please accept that your application was not successful.
 
 
Requirements:
  • Be in possession of a BSc Information Technology /Computer Science or B Com Informatics /Information Systems or National 3 year Diploma: Information Technology. Have a relevant Information Security Certification e.g. Certified Information Security Manager (CISM), Certified Information Security Services Professional.
  • Have at least 8 years’ experience in an IT environment and at least 6 years’ experience in an IT Information Security role.
  • Have experience in an Information Security environment in the Public sector.
  • Knowledge of Corporate Governance of Information and Communication Technology (CGICT) as prescribed by the Department of Public Service and Administration (DPSA).
  • Knowledge of Information Security Standard ISO 27001 and ISO 27002 and Minimum Information Security Standards (MISS)
  • Knowledge of Firewalls and Intrusion Detection and Prevention Systems, penetration testing and vulnerability assessments 
  • Knowledge of Information Security in Cloud, Mobile and Online Transactional environments.
  • Knowledge of COBIT.
  • Knowledge of Information Technology Infrastructure Library (ITIL).
  • Knowledge of the application of Information Security Policies, standards and Guidelines
  • Knowledge of information security architecture.
  • Knowledge of the Cybersecurity Frameworks, e.g. NIST
  • Knowledge of relevant legislation and regulations, e.g. Protection of Personal Information Act, Electronic Communication and Transaction Act, Regulation of Interception of Communications and Provision of Communication Related Information Act 70 of 2002 and National Archives and Records Service Act;
  • Knowledge of Threat hunting and Threat evasion
  • Knowledge of vulnerability management across the enterprise
  • Knowledge of implementing measures to safeguard the organisation from cyber risks.
  • Knowledge of IT security risk registers and the management thereof.


Responsibilities:
  • Develop, maintain, monitor and enforce Information Security policies, procedures and standards in compliance with legislation, regulations and international standards and best practice.
  • Implement and maintain appropriate information security controls and mechanisms to ensure the confidentiality, integrity and availability of the organisation's data and information through an effective Information Security Management System, including cybersecurity.
  • Provide leadership and serve as a central point for information security management.
  • Manage internal and external relationships to achieve organisational cohesiveness around IT information security within SANParks.
  • Assess IT services, service agreements, services contracts, user and functional requirements, as well as environmental changes for impact on information security.
  • Research and contextualize information security industry practices, guidelines, and standards to comply, conform, stabilise and improve SANParks' information security.
  • Communicate and liaise with approved security agencies and institutions with regards to security threats and incidents.
  • Have the ability to relay IT Security risks into business risk.
  • Manage information security incidents, including response planning and recovery. Provide information security education and awareness to employees, to instil a culture of compliance.
  • Measure conformance to SANParks' Information Security Policy, as well as associated plans, controls, standards, guidelines and procedures.
  • Manage the implementation of recommendations resulting from internal and external audits and risk assessments and reviews.
  • Provide regular reports on the status of IT Security;
  • Manage stakeholder expectations and relationships.
 
Salary: R 538 315 - R 882 581
 
SANParks is committed to the principles of employment equity. 
Preference will be given to PDI / HDSA.
 
Closing Date: 10 September 2020