Responsibilities

• The incumbent will be responsible for the following key result areas:

Directly involved:

• Formulating and implementing a strategy for the deployment of information security
• Performing formal security audits and risk assessments with a view to minimizing exposure
• Monitoring security vulnerabilities and hacking threats in network and host systems
• Tracking the latest IT security innovations and keeping abreast of the latest cybersecurity technologies
• Implementing an effective process for the reporting of security incidents and communicating with key stakeholders about IT security threats
• Monitoring the daily operation and implementation of the IT security strategy
• Conducting a continuous assessment of current IT security practices and systems and identifying areas for improvement
• Managing the IT security budget and communicating this with the appropriate parties
• Implementation of Network & Server Security including firewalls and patch management
• Continually review IT Security installations and incorporate improvements and innovations as a matter of routine.
• Review and enforcement of the IT policies, procedures, and standards
• Develop and deliver training/guidance verbally, written, or within training workshops as appropriate to IT Team and IT Systems Users
• Assist with legacy application security enhancement
• Assist with security on Serena’s e-commerce platforms
• Indirect through Site IT teams 
• Ensure ICT Policy, Procedure, and Standards implementation plan is developed and actioned
• Ensuring disaster recovery and business continuity plans are up-to-date
• Overseeing the investigation of reported security breaches
• Monitor Information System audit issues
• Follow-up IT security tasks
• Implementation of Network, Servers, and workstation Security

Knowledge, Skills & Experience required:

• A Bachelor's degree in Computer Science or a closely related discipline
• CISM or CISSP Certification. Any other security certification will be an added advantage
• Minimum of 3-5 years experience in a similar position is essential
• Excellent verbal, written, and interpersonal skills.
• Proven leadership skills
• Self-motivated and a good team player.
• Must have in-depth knowledge of business processes as well as process controls and risks and how these relate to relevant IT audit procedures.
• A proven record of dealing with complex projects and meeting conflicting demands
• Knowledge of Network monitoring tools, Traffic analysis, and intrusion detection systems
• Knowledge of information security management best practices such as ISO 27000
• Knowledge of threat and vulnerability analysis, risk assessment business impact analysis
• Experience in writing effective security policies and procedures