Call for A-Team Information Security Officer
Applications Closing Date: 31 January 2018
We’re looking to expand our team with a sharp, security-minded team player who can design, implement and monitor intelligent information security solutions for our clients and strengthen our position in the market as a governance-driven professional IT services company.
Important things you need to know
What we do
We help our clients achieve confidence in their digital information by doing six things (quite well according to our clients):
- Reduce Risk (through IT Security)
- Increase Efficiency (through Advanced IT Infrastructure)
- Operate Intelligently (through Managed Services)
- Improve Consistency (through Corporate Governance)
- Empower Expertise (through the AVeS Training Academy)
- Boost Revenue (through Business Application Development)
What we believe
We live by 4 core organisational values that are:
- When we say you are important, it means that we’re not your run-of-the-mill employer. We base relationships on teamwork, treat people with dignity and respect, don’t fixate on job titles, care about people’s personal growth and promote collaboration through a flat organisational structure. At AVeS, you are important as part of the team.
- Know your role suggest competence, which is one side of the coin (we’ll get to the other side a bit later). You have a unique and complementary role to fulfil within the team, and that gives you the responsibility to live your potential. We believe that continuous learning breeds both inner confidence and actionable know-how, and make training part of our company culture.
- Within your role in our A-Team, you make a difference. Your role allows you to expand your responsibilities and have a measurable impact on the daily business processes and success. We like people who show initiative, take responsibility and consistently build up the team to be great.
- And lastly, the other side of the coin asks you to enjoy the journey. Attitude matters as it fuels motivation and happiness in the workplace. People within our team have a passion for what they do. We live in an exciting technology renaissance and strive to make the most of it. We may not be Google, but we are continually inspired by them.
The kind of people we would like to expand the team with are people who
- Live and breathe our values. If you don’t believe in them, we are probably not the right team for you.
- Have a keen attention to detail and pride in delivering high-quality work, fast.
- Seek growth in their technical abilities, analytical and creative entrepreneurial thinking, as well as communication and business relationship building skills.
- Are excited by the opportunities made possible by the world of technology.
- Want to make their mark in the technology and business world by building long-term business relationships.
What you will do
You will work closely with the Corporate Governance Team Lead to assist with their security compliance-related activities and responsibilities. Here’s how:
- Develop, implement and maintain Information Security Frameworks, along with policies, procedures, standards, guidelines and controls.
- Research, develop, implement, maintain and update clients’ overall security architecture, including Information Security Strategies and Information Security Programmes.
- Actively ensure appropriate administrative, physical and technical safeguards are in place to protect information assets from internal and external threats.
- Test safeguards (such as disaster recovery and emergency operating procedures, among others) on a regular basis, which requires you to meticulously monitor the security environment to identify and implement both testing processes and corrective actions.
- Thoroughly conduct and complete annual reviews and audits as required engaging both internal and external stakeholders.
- Continually report on the overall status of controls to the GM:IT.
- Act as the committed owner of security incident and vulnerability management processes from design to implementation, monitoring and incident reporting.
- Actively manage and assist in performing on-going security monitoring of information systems, including assessing information security risk through qualitative risk analysis on a regular basis, conducting functional and gap analyses to determine the extent to which key business areas and infrastructure comply with statutory and regulatory requirements, evaluating and recommending new information security technologies and counter-measures against threats to information or privacy, and developing security reports and dashboards.
- Design and deliver effective information security training and awareness programmes in conjunction with the internal training department.
Qualifications and Experience
- Diploma or Degree in Computer Science or Information Security.
- Current industry-related certifications, such as CISSP, CISSLP, GIAC or other similarly recognised security certification.
- 3+ years experience in information security management or another corporate governance practice.
- Demonstrate an in-depth knowledge of Information Security risk and industry best practices.
- Excellent intrapersonal skills: integrity, trustworthiness, empathy, deal with uncertainty, adaptable, approachable, focused.
- Excellent interpersonal skills: problem solving, negotiation, knowledge sharing.
- Excellent verbal and written communication skills (English, other languages are advantageous).
- Excellent work ethic: energetic, proactive, get-things-done attitude and take responsibility to deliver positive results beyond expectations.
- Solid proficiency in computer literacy and Microsoft Office 2016 / Office 365.
- Customer-centric sales skills and ability to build productive, growth-focused business relationships.
- Ability to travel to work and to clients (we are situated near Clearwater Mall in Johannesburg).