Chief Information Security Officer

REQUIREMENTS Affirmative Action South African citizen 3-year IT (or related) Qualification - Degree or National Diploma CISSP and/ or other advanced security-relevant certification 4-8 years of business systems experience ESSENTIAL SKILLS Thorough understanding of general business processes Project leadership (medium to large) Good knowledge of the corresponding system environment in the manufacturing industry and that of suitable market leader products Good understanding of I.S. resources and financial management RESPONSIBILITIES Establish Enterprise Security Stance through policy, architecture and training processes, and by implementing appropriate security solutions in line with group standards, policies and guidelines, under the leadership of the Group IS Security Organization (ISSO) Deliver, maintain and measure the effectiveness of Information Security Management Systems (ISMS) Prepare an organization to counter existing and emerging threats Establish and communicate best practices for maintaining data security, as well as monitoring the effectiveness of security operations Protect the organization's data and intellectual property, including maintaining best practices and designing effective policies to handle breaches and other disasters Responsible and accountable for achieving the information security objectives within the defined scope of the legal entity by operationally running the ISMS Maintain and measure the effectiveness of the ISMS Implement processes to identify IT risks, recommend appropriate responses, and lead on validation of the effectiveness of controls to reduce the company’s risk and vulnerability Act as security expert, support, and guide key internal and external stakeholders (IS, internal audit, the brands, group functions, 3rd-party partners) to ensure that all security matters are understood and managed Implement, chair and lead to setup of application panel processes, for reviewing and analysing business-led internet and local initiatives to ensure compliance, risk and security topics are fully considered Overall responsible and accountable for vulnerability management Ensure regular penetration testing and vulnerability scanning are in place and continuously assess the effectiveness of controls and measures to reduce the attack surface of the organization Provide significant input into contract management processes to ensure that external consultants, outsourcing partners, and 3rd-party suppliers conform to group security policies and guidelines Lead on the development of relevant security policies and guidelines, and ensure that appropriate training and awareness campaigns are delivered to the business to develop a better understanding of cyber security Keep up to date with group security initiatives, and industry security issues, trends and technologies to identify and propose improved security solutions that meet the group's local business requirements Follow the IS risk management process concerning function/ departmental risks, ensuring alignment with SA company and AG approaches Advise and support the risk acceptance process for highly complex projects/ activities that cannot fully comply with policy Perform the role of PISO (Production Information Security Officer) ensuring effective security controls are implemented and maintained within the shopfloor environment Oversee the implementation of an industrial cyber security program to improve the security maturity level within the shopfloor environment Perform the role of SO (Security Officer) in vehicle manufacturing ensuring security measures and controls are in place within our products Identify IT risks/ threats and highlight and recommend security measures Oversee IT security policy and administration as well as all IT security decisions Validate the effectiveness of IT security measures Support management regarding questions in terms of IT security Maintain contacts with local IT security expert agencies and keep abreast of local developments in the IT security field Oversee the investigation and remediation of security breaches and incidents Coordinate independent and group security audits

Location: South Africa, ZA

Posted Date: 2/5/2025