EN
v
South Africa

Head of Infrastructure and Security

Company Herotel
Reference # HIS_001
Published 30/03/2021
Contract Type Permanent
Salary Market Related
Location Stellenbosch, Western Cape, South Africa
Introduction
Applications are invited for the above-mentioned position. The position will be based in Western Cape, Stellenbosch. The individual will report to the Head of Systems.


PURPOSE OF THE ROLE:
The Head of Infrastructure and Security is responsible for the support and maintenance of all our physical and cloud-based server infrastructure across the organisation, as well as all our systems, applications, and information security, including access control and data retention.
Job Functions Information Technology
Industries Banking / Finance & Investment,Ecommerce,Financial Services,ICT - Information & Communications Technology,Infrastructure,IT - Information Technology,Telecommunications
Specification
Key Responsibility Areas:

• Leads the technical expertise and direction of the infrastructure & national systems team.
• Leads the IT Risk assessment, penetration test, vulnerability scans, and social engineering.
• Responsible for all data security, system backups, and disaster recovery procedures.
• Responsible for conducting regular vulnerability scans and disaster recovery simulations; and communicating the critical results to management.
• Educates management & staff on security risk through continuous reporting and presentations.
• Monitors Information Security industry trends and educates the organization of critical information.
• Develops, plans, and manages the Information Security Program to include policies, procedures, and standards.
• Leads the project initiatives to research, validate, and manage Information Security vendors and products to ensure robust detection, prevention, and monitoring tools are in place.
• Defines the Information Security plan to resolve gaps identified from audits, risk assessments, or vulnerability scans.
• Leads cybersecurity investigations providing summaries and recommendations to resolve the matter. Works closely with IT and project teams to ensure that new projects meet or exceed information security
requirements.
• Achieves Information Security and operational objectives by developing and executing strategic plans which reduce risk to information assets.
• Protects information assets by developing security strategies, directing system access control, monitoring, and response.
• Implements regulatory requirements, industry standards, and best practices such as POPIA (Protection of Personal Information Act), GDPR (General Data Protection Regulation), etc at a systems level, ensuring the Information Security Program is held to the highest standard.
• Work in collaboration across streams and in line with the macro compliance, risk and audit policies, functional heads & relevant Board subcommittees.
• Leads Information Security, Server infrastructure & National systems projects to align with organizational strategic objectives, goals, and risk tolerance.
Requirements
The successful candidate must have the following experience/skills:

• At least 4 years of information security experience.
• At least 4 years of server administration experience.
• At least 4 years of experience with managing cloud infrastructure, including AWS & Azure
• Experience with standards and best practices such as ISO27001, SIEM, POPIA, GDPR & SOC 2 compliance.
• Required demonstrated knowledge of information technology security trends and leading best practices.
• Minimum of 2 years experience directly leading infrastructure or security-focused staff in a team environment.
• Experience and expertise in managing and administering infrastructure and data systems.
• Minimum of 3 years experience in at least five of the following: access control systems and methodology; business continuity and disaster recovery planning; risk, response, and recovery; network security architecture; security management practices; audit and monitoring; enterprise and IT risk assessments; incident response management.
• Demonstrable experience in managing complex disaster recovery plans & procedures.
• Demonstrable experience in drafting and introducing data protection and disaster recovery policies.
• Requires working knowledge of ISP’s and their operations and procedures.
• Excellent time management skills and the ability to prioritize multiple initiatives and projects.
• Ability to establish strategic direction for the department and provide the roadmap of initiatives and priorities in support of that vision.
• Ability to operate at all levels of the organization.
• Excellent interpersonal skills including oral and written communications.
• Ability to manage change within the organization.
• Ability to maintain a high level of confidentiality.
• Technically proficient in IT and Information Security controls and concepts.
• Demonstrate flexibility and the ability to work in a team environment.
• Strong organizational and planning skills, resourcefulness, and creative problem-solving skills.


Qualifications:

• Degree in Computer Science, Information Technology or related field.
Job Closing Date 10/04/2021
   
   
Share on
 
Last Updated: 4-3-2021 [21.03.01.02]
Webserver: SkillsMap (NLBC)