Senior Manager - Cyber Security
Listing reference: nwu_002360
Listing status: Under Review
Apply by: 13 February 2024
Position summary
Industry: Education & Training
Job category: University and Academy
Location: Potchefstroom
Contract: Fixed Term Contract
Remuneration: Market Related
Introduction
NORTH-WEST UNIVERSITY (POTCHEFSTROOM CAMPUS)
DIVISION: INFORMATION TECHNOLOGY
POSITION NUMBER: P003180
POSITION: SENIOR MANAGER - CYBER SECURITY
PEROMNES GRADE: P6
EMPLOYMENT TYPE: 3 YEAR FIXED-TERM APPOINTMENT
NOTE: THOSE WHO PREVIOUSLY APPLIED NEED NOT RE-APPLY AS THE UNIVERSITY HAS YOUR APPLICATION
Job description
PURPOSE OF THE POSITION:
Cyber Security Specialists play a critical role in protecting an organisation’s information assets and ensuring the resilience of its cyber security defences. They provide leadership, strategic direction, and operational oversight to safeguard against cyber threats, maintain the confidentiality, integrity, and availability of sensitive information, and protect the NWU’s information assets
JOB DESCRIPTION
KEY RESPONSIBILITIES:
1. Acquisition and Program/Project Management (5):
- Leads, coordinates, communicates, integrates, and is accountable for the Cyber Security program’s overall success, ensuring alignment with NWU or enterprise priorities, including overseeing CS operations & maintenance, protection & defence, analyse, operation, collection and investigation.
- Program Management (PGMG) 5:
Takes full responsibility for the definition, documentation and successful completion of complex programs.
- Quality Management (QUMG) 5:
Ensures that projects, teams and functions have appropriate CS practices and meet required organisational quality levels.
- Organisational change management (CIPM) 5:
Develops the change management approach and a change management plan in collaboration with sponsors, users and project teams.
- Supplier Management (SUPP) 6:
Manages suppliers to meet key performance indicators and agreed targets.
- Project Management (PRMG) 6:
Have oversight for the definition, documentation and successful completion of complex Cyber Security projects.
- Portfolio Management (POMG) 5:
Ensures that CS programme/project leads and/or service owners adhere to the agreed portfolio management approach and timetable.
- Risk Management (BURM) 5:
Plans and implements complex and substantial risk management activities within the Cyber Security Programme.
2. Specialist Advice:
- Specialist Advice (TECH) 6:
Provides organisational leadership and guidelines to promote developing and exploiting specialist Cyber Security knowledge in the NWU. Maintains a network of recognised experts (inside and/or outside the organisation) who can deliver expert advice in relevant areas. Provides input into professional development planning across IT to further the development of Cyber Security.
3. Training, education and awareness:
- Develops, plans, coordinates, and evaluates cyber security training/education courses, methods, and techniques based on instructional needs.
- Learning Design and Development (TMCR) 6:
Specifies solutions for use in Cyber Security learning and development programs in the workplace or in compulsory, further or higher education.
4. Cyber Security Management (6):
- Executes decision-making authorities and establishes vision and direction for the NWU’s cyber and cyber-related resources and/or operations.
- Information Security (SCTY) 6:
Co-develops and communicates corporate information security policy, standards and guidelines as set out in the Information governance framework.
- Information Assurance (INAS) 6:
Co-develops information assurance policy, standards and guidelines.
5. Strategic Planning and Policy:
- Develop cyberspace workforce plans, strategies and guidance to support cyberspace workforce manpower, personnel, training and education requirements and to address changes to cyberspace policy, doctrine, materiel, force structure, and education and training requirements.
- Workforce planning (WFPL) 6:
Defines the workforce planning approach for Cyber Security in line with strategic business goals. Communicates the CS workforce planning approach and obtains organisational commitment.
Minimum requirements
MINIMUM REQUIREMENTS:
· A 4 year bachelor’s degree (NQF level 8) in Computer Science or STEM.
· A minimum of 5 years’ proven experience in network security, vulnerability assessment, penetration testing, incident response, firewall configuration, identity and access management, data encryption, secure coding practices, and security infrastructure design.
· A minimum of 5 years’ hands-on experience with security tools, conducting security assessments, and responding to security incidents.
RECOMMENDATION:
· Accreditations with the following:
- NIST foundational certification
- Certified Information Systems Security Professional (CISSP)
- Certified Information Systems Auditor (CISA)
- Certified Information Security Manager (CISM)
- CompTIA Security
- Certified Ethical Hacker (CEH)
- GIAC Security Essentials Certification (GSEC)
- Systems Security Certified Practitioner (SSCP)
KEY FUNCTIONAL/ TECHNICAL COMPETENCIES:
· Industry knowledge in understanding common attack vectors, emerging technologies, and compliance requirements (such as GDPR or HIPAA).
· Problem solving and analytical skills.
· Effective communication and collaboration skills.
· BURM - Risk management (5)
· PBMG - Problem management (5)
· CHMG - Change control (5)
· SCAD - Security operations (5)
· VUAS - Vulnerability assessment (5)
· DGFS - Digital forensics (5)
· PENT - Penetration testing (5)
· SCTY - Information security (6)
· INAS - Information assurance (6)
· PEDP - Personal data protection (6)
· THIN - Threat intelligence (6)
· TECH - Specialist advice (6)
· PRMG - Project management (6)
· STMG - Storage management (6)
· SFIA - Skills Framework for the Information Age (6)
BEHAVIOURAL COMPETENCIES:
· Autonomy: has defined authority and accountability for actions and decisions within a significant area of work, including technical, financial and quality aspects. Establishes organisational objectives and assigns responsibilities.
· Influence: influences policy and strategy formation. Initiates influential relationships with internal and external customers, suppliers and partners at senior management level, including industry leaders. Makes decisions which impact the work of employing organisations, achievement of organisational objectives and financial performance.
· Complexity: has a broad business understanding and deep understanding of own specialism(s). Performs highly complex work activities covering technical, financial and quality aspects. Contributes to the implementation of policy and strategy. Creatively applies a wide range of technical and/or management principles.
· Knowledge: promotes the application of generic and specific bodies of knowledge in own organisation. Has developed business knowledge of the activities and practices of own organisation and those of suppliers, partners, competitors and clients.
· Business: demonstrates clear leadership. Communicates effectively at all levels to both technical and non-technical audiences. Understands the implications of new technologies. Understands and communicates industry developments, and the role and impact of technology in the employing organisation. Absorbs complex information. Promotes compliance with relevant legislation and the need for services, products and working practices to provide equal access and equal opportunity to people with diverse abilities. Takes the initiative to keep both own and colleagues' skills up to date. Manages and mitigates risk. Takes a leading role in promoting security throughout own area of responsibilities and collectively in the organisations.
REMUNERATION:
The annual total remuneration package will be commensurate with the level of appointment as advertised and in line with the NWU policy guidelines.
ENQUIRIES REGARDING RECRUITMENT PROCESS MAY BE DIRECTED TO: Mr Rabs Diratsagae, Tel: 018 299 4797
CLOSING DATE: 13 February 2024
PLANNED COMMENCEMENT OF DUTIES: As soon as possible
Kindly take note: applications must be submitted online through the official nwu vacancy website.
Incomplete applications and those submitted through any other platform will not be considered.
The University subscribes to and applies the principles of Employment Equity (EE) Act and is committed to transformation. Preference will be given to candidates from the designated groups, in accordance with the principles of the EE Act and NWU Employment Equity Plan.
The University reserves the right not to make an appointment. Communication will be limited to shortlisted candidates only.
If you are not contacted within two months from the closing date of this advertisement, please accept that your application was unsuccessful.