Jobs Description

Purpose of the job
To provide information security services including threat and risk management, solution architecture design, secure
configuration, security operations management (e.g. quality, change, incident, problem management, capacity
planning, etc.) incident response, vulnerability assessment and assurance management, governance, compliance,
performance and service continuity management.
Key Responsibility Areas
• Design and implement security standards and procedures in systems and security policies and guidelines
for all system security processes.
• Secures assets in the information system by defining and addressing possible and real security problems.
• Conduct, monitor and maintain threat and vulnerability assessments on a regular basis to minimize
associated risk and improve the security capabilities within operational implementation, such as ICT
infrastructure linked to SITA managed networks.
• Manage implementation of information security awareness and training programmes for employees and
clients.
• Coordinate ongoing activities related to the development, implementation, and maintenance of information
security controls and services aligned to the cyber security framework, policies, standards and procedures.
Qualifications and Experience
Required Qualification: 3-year National Higher Diploma / National Degree in Computer Science or Information
Technology or Network Management or a relevant discipline NQF level 6 qualification.
Certification: Professional IT security management certification e.g CISSP ITIL Foundation, CoBit Foundation or
CISM, GIAC, CCNP, ISACA CRISC CCSP: Certified Cloud Security Professional Advanced certifications such as SANS
GIAC/GCIA/GCIH, CISSP or CASP and/or SIEM specific training and certification will be an advantage. Certified
information system security professional (CISSP) or Certified Information Security Management (CISM), would be
an added advantage.
Experience: 6 – 7 years ICT Infrastructure or application development experience including IT Security working
experience.
Technical Competencies Description
Knowledge of: System Engineering methods and Governance. Working knowledge of Enterprise architecture
framework (TOGAF; Zachman; FEAF; MODAF; GWEA Framework; MIOS) Proven experience in working with
Governance Processes and Standards (ISO 9001; ISO 27001/ 27002; ISO 12207 (SDLC); ISO 42010; COBIT; ITIL;
UML). Knowledge of 7/10 CISSP domains Service Oriented Architecture (SOA). Working knowledge of Information
System Security Technical Standards (e.g.: PKI, IAM, Cryptography). Exposure to ICT security architecture in a
specific CISSP domain. Planning, designing and validating skills related to architecting security solutions. Detailed
knowledge of the SOPs of the area/discipline the jobholder is works in (HR, Finance, IT, etc as well as how to apply
it. ICT Policy and Strategy Management. Excellent writing skills. Strong team leader capabilities and Analytical skills.
Other Special Requirements
Candidates must have a valid driver’s license and their own transportation. Knowledge of business continuity,
disaster recovery planning, testing and forensic investigations