POSITION INFO:
A well-established automotive company based in Kariega is seeking a qualified and experienced applicant to join their dynamic team.
The Chief Information Security Officer deals with unique, highly complex business issues and is responsible for establishing an Enterprise Security Stance through policy, architecture and training processes, and by implementing appropriate security solutions in line with company standards, policies and guidelines, under the leadership of the Group IS Security Organisation (ISSO). The CISO is responsible for delivering, maintaining and measuring the effectiveness of Information Security Management Systems (ISMS).
The Chief Information Security Officer prepares an organisation to counter existing and emerging threats, is responsible for establishing and communicating best practices for maintaining data security, as well as monitoring the effectiveness of security operations. The CISO is also responsible for protecting the organisation's data and intellectual property, including maintaining best practices and designing effective policies to handle breaches and other disasters.
Qualification requirements
3-year IT (or related) Qualification - Degree or National Diploma
CISSP and/or other advanced security-relevant certification
Experience needed
4 - 8 years business systems experience
Essentials
- Thorough understanding of general business processes
- Project Leadership (medium to large)
- Good knowledge of the corresponding system environment in the Manufacturing Industry and that of suitable market leader products
- Good knowledge of I.S. resources and financial management
Tasks within this Role
- The CISO is responsible and accountable for achieving the information security objectives within the defined scope of the legal entity by operationally running the ISMS.
- Maintaining and measuring the effectiveness of the ISMS.
- Implement processes to identify IT risks, recommend appropriate responses, and lead on validation of the effectiveness of controls to reduce the company’s risk and vulnerability.
- Act as security expert, support, and provide guidance to key internal and external stakeholders (IS, internal audit, the Brands, Group Functions, 3rd party partners) to ensure that all security matters are understood and managed.
- Implement, chair and lead the setup of Application Panel processes for reviewing and analysing business-led internet and local initiatives to ensure compliance, risk and security topics are fully considered.
- Overall responsible and accountable for vulnerability management.
- Ensure regular penetration testing and vulnerability scanning is in place and continuously assess the effectiveness of controls and measures to reduce the attack surface of the organisation.
- Provide significant input into contract management processes to ensure that external Consultants, Outsourcing Partners, and 3rd party suppliers conform to the company's security policies and guidelines.
- Lead on the development of relevant security policies and guidelines, and ensure that appropriate training and awareness campaigns are delivered to the business in order to develop a better understanding of cyber security.
- Keep up to date with Group security initiatives, and industry security issues, trends and technologies in order to identify and propose improved security solutions that meet the company's business requirements.
- Follow the IS Risk Management process with regard to function/departmental risks, ensuring alignment with SA company and AG approaches.
- Advise and support the Risk Acceptance process for highly complex projects/activities that cannot fully comply with policy
- Perform the role of PISO (Production Information Security Officer), ensuring effective security controls are implemented and maintained within the shopfloor environment.
- Oversee the implementation of an Industrial Cyber Security program to improve the security maturity level within the shopfloor environment.
- Perform the role of SO (Security Officer) for vehicle manufacturing, ensuring security measures and controls are in place within our products.
- Identify IT risks/threats and highlight and recommend security measures.
- Oversee IT security policy and administration as well as all IT security decisions.
- Validate the effectiveness of IT security measures.
- Support management regarding questions in terms of IT security.
- Maintain contacts with local IT security expert agencies and keep abreast of local developments in the IT security field.
- Oversee the investigation and remediation of security breaches and incidents.
- Co-ordinate independent and group security audits
Note:
Please ensure that you upload a copy of your ID and Qualifications to be considered for this position.
Should you wish to apply please submit your CV through for consideration.
Only shortlisted candidates will be contacted. Should you not receive a response within 14 days please consider your application unsuccessful. We will keep your CV on our database for any other relevant roles that may arise.