Cybersecurity Strategist

2 months ago

Centurion, Gauteng, South Africa Future Africa Consulting (Pty)Ltd Full time
Job Description:About the Role:

FUTURE AFRICA CONSULTING (PTY) LTD is seeking a highly skilled Information Security Specialist to join our team. As a key member of our IT department, you will be responsible for developing and implementing information security services and initiatives that align with our IT strategy and enterprise architecture.

Key Responsibilities:
  1. Information Security Services: Develop and maintain information security services capability and initiatives to support IT strategy and enterprise architecture planning.
  2. Advisory and Management: Advise on and ensure the effective management of information technology and business processes access, and communicate feedback to enable associated security risk management.
  3. Vulnerability Management: Perform vulnerability testing and scanning, and report on TCTA's vulnerability profile and recommendations to improve the profile.
  4. Analysis and Compliance: Analyze related information/reports to identify discrepancies and anomalies, recommend remedial action, and ensure compliance to security policies and standards.
  5. Policy Development: Develop and/or align information security policies to identify and manage risk exposure.
  6. Risk Mitigation: Mitigate risk by ensuring that proper IT security and information management measures are in place.
  7. Security Audits: Perform security audits and clean-ups to ensure accurate and up-to-date access within TCTA.
  8. IT Applications and Infrastructure: Understand IT applications and infrastructure in alignment with policies and procedures.
  9. Information Security Principles: Document the information security principles and guidelines for application software, as well as standards that should be adhered to for each product.
  10. Security Requirement Specifications: Develop information security requirement specifications prior to the procurement or implementation of new systems and technology to ensure alignment between business goals and supporting system functionality.
  11. Information Security Architectural Repository: Maintain the Information Security Architectural repository to ensure consistency between applications and systems.
  12. Environmental Awareness: Ensure currency of systems and technology by maintaining an environmental awareness.
  13. Life-Cycle Management: Provide guidelines for the development of life-cycle management strategies for systems and technology in conjunction with major stakeholders to ensure business continuity.
  14. Security Risk Management: Manage information security risks and issues, and escalate where necessary.
About the Research Function:
  1. Research: Research and develop leading practices for the Information Security function.
  2. Benchmarking and Analysis: Benchmark and analyze trends to optimize internal processes.
  3. Business Engagement: Engage with business units to proactively (and reactively) provide solutions, advise TCTA's management and other stakeholders in their relevant area of expertise.
  4. Best Practice Benchmarking: Benchmark TCTA's Information Security Architecture with local and international best practice and applications at other organizations.
About the Project Management Function:
  1. Project Identification: Identify strategic projects that need to be undertaken in the Information Security function.
  2. Project Planning: Prepare project definitions and detailed plans with the PMO.
  3. Project Implementation: Drive and support the implementation of specialized areas initiatives and strategic projects that address the needs and expectations of TCTA's stakeholders.
  4. Functional Requirements: Document functional requirements and specifications for new information security solutions.
About the Reporting Function:
  1. Progress Monitoring: Monitor and report on progress against functional initiatives.
  2. Compliance Reporting: Monitor and report on compliance with information security policies, procedures, and controls.
  3. Governance and Institutional Governance: Promote sound institutional governance, participate in required governance structures, and serve as a member on the required forums.
  4. Functional Performance Reporting: Compile reports on the functional performance at the required intervals, reflecting all relevant statistics, e.g., monthly/quarterly cybersecurity report.