|Company||South African Civil Aviation Authority|
|Reference #||Aviation Security Risk Specialist|
|Location||Midrand, Gauteng, South Africa|
To develop and manage an Aviation Security Risk Management System, which will comprise the following amongst others:
•Establishment of a formalized, risk-driven framework for integrating aviation security into daily operations and culture of aviation industry.
•Facilitation of threat identification, risk, analysis and risk management for Aviation Operators
•Supporting the promotion and development of continuous improvement activities across the organisation.
•Development and maintenance of a risk register.
To develop and monitor Aviation Industry’s Cyber Security Governance Framework as well as to develop norms and standards for managing cyber security within the industry. and assist SACAA to achieve its objectives and goals to protect civil aviation data systems from malicious electronic attack (unlawful interference) and the means of dealing with the consequences of such attacks.
The key duties and tasks that the incumbent will be required to undertake are:
•To establish and lead a robust cyber security posture for identification and protection of critical civil aviation infrastructure systems and standards
against cyber threats.
•Formulate strategies and framework within aviation in accordance with National and International resolutions.
•Establish and participate in government and industry partnership and mechanism for a systematic sharing of information on cyber threats, trends
and mitigation efforts.
|Job Functions||Risk Management|
Establish and lead Aviation Security Risk management Framework
•Develop and maintain an Aviation Security Risk Management Framework for the South African Aviation Industry.
•Provide guidance to the South African Aviation industry on the implementation of a security risk framework and risk management.
•Establish and manage a security risk assessment and mitigation process for the aviation industry;
•Establish a security data collection and analysis system
•Keep the aviation security national risk context statement up to date
•Coordinate the collation of data to inform the risk context statement
•Update all stakeholder on aviation security risk as well as mitigation measures to be implemented
Establish and lead Aviation Cyber security Framework Oversee and review Cyber Security.
•Development and oversee the implementation of the cyber security framework and strategy, overarching aviation risk strategy, ensuring the
effective implementation across civil aviation industry.
•Receive and review for approval Cyber Security Strategies and DRP periodically from aviation industry stakeholders;
•Lead identification, implementation and mitigation security mechanism.
•Participate in the development of future standards and requirements in collaboration with industry peer
Cyber security Incident Management
•Lead, develop, manage and maintain the cyber security governance deliverable life-cycle including ICAO Standards.
•Develop and implement security incident management, response and recovery strategies.
•Advise the Operators on potential impact to cyber governance / risk / compliance requirement.
•Provide support on the implementation of risk mitigation strategies when required.
Manage the non-conformance reporting system and database
•Manage the development and monitoring of the non-conformance database; and analysis of trends.
•Communicate with Operators on new trends and threads in relation to cyber security in the aviation environment
The SACAA will process applications as soon as possible. If you have not heard from us within 90 days
after your CV has been received by us, please consider your application unsuccessful.
Employment equity candidates will be preferred.
“All SACAA appointments are subject to S98 of the Civil Aviation Act, 13 of 2009 and all successful candidates will be subjected to security vetting”.
National Diploma or equivalent NQF Level 6 qualification in Computer Science/Information Technology
5 Years experience in Cyber Security Risk
5 Years experience in Risk Management
|Job Closing Date||20/02/2020|