Ref: ITSSRCG0003 - CYBER SECURITY MANAGER, IT, CAPE TOWN
Listing reference: woolw_000200
Listing status: Under Review
Apply by: 10 January 2022
Position summary
Industry: IT & Internet
Job category: Others: IT and Telecommunication
Location: Cape Town
Contract: Permanent
Remuneration: Market-related
EE position: No
Introduction
To be responsible for the delivery and execution of cyber security across Woolworths South Africa. To work as part of the IT GRC & Cyber team and with partners across the Group to continually improve security posture. This role reports to the CISO and is a leadership role requiring demonstrable experience in building, delivering, and improving cyber security capabilities with a strong focus on people and processes. This is a permanent position based at the Head Office in Cape Town.
Job description
PEOPLE
• Leadership and management of the cyber security team covering responsibilities, delivery, development and performance management
• Management of key external security service relationships
• Management of internal partnerships for execution, including context setting, skills transfer and up-skilling
PROCESS
• Work with the CISO and other key stakeholders to define and drive the cyber security strategy
• Take responsibility for monitoring the attack surface and improving security posture accordingly
• Contribute to the ongoing improvement of cyber security operations, processes and ways of working
• Translate strategic security requirements into practical solutions and drive implementation
• Contribute to the completion and ongoing maintenance of Cyber and Information Security Policies, Standards, Procedures and Guidelines
• Remain aware of global security industry trends and influence the strategy accordingly
CUSTOMER
• Understand Cyber, IT and Business strategies and contribute to the creation and delivery of annual cyber operating plans
• Plan and prioritize projects and workload to deliver to the operating plan
Minimum requirements
JOB REQUIREMENTS
• 12 years relevant experience within the cyber and information security discipline
• Demonstrable experience in leading a specialised team within a large environment
• Experience with security frameworks, practices, technologies and processes
• May be required to assist outside of working hours
Additional Criteria
• Practical experience with the MITRE ATT&CK framework
• Working knowledge of NIST CSF and PCI-DSS
• Previous hands-on technical security experiences is advantageous
• 3-year IT qualification advantageous
• Makes sound technical decisions based on understanding of what is commercially achievable within technological constraints.
• Leverages research on technology-related concepts, trends and best practices to provide guidance on IT roadmap.
• Set technical policies and procedures to support IT stability and success aligned to evolving technologies and methodologies.
• Responsive to external influences (positive or negative) on the organisation.
• Maintains advanced knowledge of business operations and organisational metrics and trends.
• Quickly identifies key issues, stakeholders and viewpoints in a complex situation or problem
• Anticipates the consequences of situations and proactively works to overcome potential obstacles
• Asks perceptive, probing questions to get to the heart of the matter
• Plans and ensures implementation of activities/projects identified in business strategy
• Maintains a keen awareness of the interrelationships among various components of large-scale activities/projects
• Seeks and influences new relationships outside own unit and identifies new collaborative partnerships that better position programmes and services.
• Shares information with colleagues and partners about industry trends and business opportunities.
• Actively listens, interprets and presents messages in different ways to enhance understanding.
• Appropriately adapts the message, style, and tone of communication to accommodate a variety of audiences.
• Reviews presentations to ensure effective use of tools and techniques and provides recommendations.
• Prepares a wide variety of complex reports and documents using diverse sources.
• Confidently addresses groups of people, adapting style as appropriate for different audiences.
• Anticipates change by keeping up to date on current research and trends affecting one’s own field
• Reviews, evaluates and disseminates information regarding key methodologies, best practices and tools to support a future landscape
