Home > Careers > Information Security Officer

Information Security Officer

This role is on a permanent contract basis.
Applications close on 14 December 2021

We’re looking to expand our team with an Information Security Officer (ISO) to help our business achieve sustainable growth and strengthen our position in the market as an IT Governance & Architectural Services Consultancy. Preference will be given to candidates from all designated groups including people with disabilities.

Life of a Information Security Officer at AVeS Cyber Security:

The Information Security Officer (ISO) is accountable for ensuring appropriate controls are in place for the security of information assets. The ISO safeguards information by seeing that security risks are identified, assessed, and accurately reported. Additionally, the ISO is charged with ensuring local procedures and activities comply with all regulatory requirements and internal policies, procedures, guidelines, and standards. The ISO is the centre of competence for Information Security providing an advisory services role and acting as the focal point for security compliance related activities and responsibilities.

Overview

Department: Corporate Governance

AA/EE: Not Applicable

Application Closing Date: 14 December 2021

Location: Johannesburg, Gauteng.

Contract type: Permanent

Starting Date:  January 2022

Day-to-Day Responsibilities

  • Responsible for establishing and maintaining the information security program to ensure that information assets and associated technology, applications, systems, infrastructure, and processes are adequately protected in the digital ecosystem in which we operate.
  • Create a framework for roles and responsibilities about information ownership, classification, accountability, and protection of information assets.
  • Develop and maintain a document framework of continuously up-to-date information security policies, standards, and guidelines. Oversee the approval and publication of these documents.
  • Facilitate a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, and increase the maturity of the information security, and review it with stakeholders at the executive and board levels.
  • Manage and contain information security incidents and events to protect corporate IT assets, intellectual property, regulated data, and the company’s reputation.
  • Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action.
  • Develop and oversee effective disaster recovery policies and standards to align with the enterprise business continuity management (BCM) program goals, with the realization that components supporting primary business processes may be outside the corporate perimeter.
  • Assist in the development and establishment of an Information Security Architecture.
  • Meticulously identify, introduce, and implement appropriate procedures, including checks and balances, are in place to test these safeguards on a regular basis
  • Thoroughly conduct and complete annual reviews and audits as required engaging both internal business partners across the organization and external resources.
  • Make it a priority to see that disaster recovery and emergency operating procedures are in place and tested on a regular basis.
  • Act as the committed owner of the security incident and vulnerability management processes from design to implementation and beyond.
  • Passionately manage and assist in performing ongoing security monitoring of information systems including assessing information security risk through qualitative risk analysis on a regular basis, conducting functional and gap analyses to determine the extent to which key business areas and infrastructure comply with the internal policies.
  • Ensure effective staff training programs are in place to increase security awareness.

Qualifications

Mandatory

  • Matric
  • Educated to degree level or equivalent.

    Experience

    Mandatory

    • Knowledge and practical experience of system security issues.
    • Practical experience in dealing with computer security incidents and security vulnerabilities.
    • Some Practical experience in intrusion detection systems.
    • Experience in writing effective security policies and procedures.

    Skills & Competencies

    Mandatory

    • The candidate is required to have sufficient knowledge or expertise to work on day-to-day issues in their own area without direct or continuous reference to others.
    • Understanding of Ethernet and TCP/IP.
    • Knowledge of network monitoring tools and Traffic analysis.
    • Knowledge of information security management best practices such as ISO 27000.
    • Knowledge of threat and vulnerability analysis, risk assessment business impact analysis
    • The ability to work effectively as part of a team and to relate positively to other people.
    • The ability to take the initiative in establishing new ways of working to achieve the objectives of the post Confidentiality, tact and diplomacy and the ability to work to deadlines.
    • Excellent communication skills.
    • Good time management and prioritisation skills.
    • Flexible approach to work.
    • Strong IT skills, including the ability to use a variety of software programs, including word processing, spreadsheets and databases, web, and email.

    The kind of people we hire in the A-Team

    Live and breathe our values. If you don’t believe in them, we are probably not the right team for you.

    Have a keen attention to detail and pride in delivering high-quality work, fast.

    Seek growth in their technical abilities, analytical and creative entrepreneurial thinking, as well as communication and business relationship building skills.

    Are excited by the opportunities made possible by the world of technology.

    Want to make their mark in the technology and business world by building long-term business relationships.

    Preference will be given to candidates from all designated groups including people with disabilities.

    Live and breathe our values. If you don’t believe in them, we are probably not the right team for you.

    Have a keen attention to detail and pride in delivering high-quality work, fast.

    Seek growth in their technical abilities, analytical and creative entrepreneurial thinking, as well as communication and business relationship building skills.

    Are excited by the opportunities made possible by the world of technology.

    Want to make their mark in the technology and business world by building long-term business relationships.

    Apply here

    Please add your personal email address and check that it is correct before submitting the form.
    This is your application's cover letter. Please keep it brief (3-5 sentences).
    Click or drag a file to this area to upload.
    Optional (PDF file under 2 MB)

    Pin It on Pinterest