Cyber Security Officer

**Cyber Security Officer Job Profile**

**executive summary**:
Briefly explain the contents of the document

**Job Details**

Job Title

Cyber Security Manager

Job Level

Management

Industry

Information Technology

Department

CIO - Cyber Security

Reports to

Group Cyber Security

Location

Centurion (and home office)

Formal Qualification(s)

Tertiary qualification in Information Systems / Engineering (Bsc IT, Bcom IT)

Legal Requirements

Passed credit and criminal checks

S.A Citizen or valid work permit for S.A

Experience

7+ Years of work-related experience and skills

Employment Type

Permanent / Fixed Term

Joining Date

Immediately

**General Purpose of the position**

This role is responsible for managing the day-today operations and effectiveness of security-related programes and initiatives, assesses the costs associated with potential threats and solutions required to eliminate or minimizing threats. Lead the service areas to provide assistance, advice, problem-solving, and technical information to internal and external customers regarding Information and Cyber security.


Description of Role:
**Key Responsibilities**:
Define the contents of Policies and guidelines on security and risk

Creates the information security management system and supports its definition

Defines the operating procedures and rules on cyber security

Supports the definition of the guidelines for analysis of cyber security risks

Defines the security requirements for significant projects and initiatives

Defines and provides awareness programs

Defines activities relating to Access governance issues, in terms of management of request flows, mapping of authorizing roles, management of authorizations, recertification of users

Defines the Assessment program

Threat modelling, security architecture, authentication technologies

Security patch management review and implementation.

Supervises control of levels of protection and of compliance with cybersecurity rules

Supervises, identification, prevention and reaction to attacks of a cyber nature through analysis and control actions, via instruments and internal and external information sources

Assist company and client in managing Business continuity and disaster recovery

Supervises activities related Assist clients in designing and implementing their identify and access management solutions

Assist company and client in managing information protection and data privacy.

Internal fraud prevention and e-crime

Guides and controls Cybersecurity operations of the defense units under the responsibility of other corporate functions (logical and physical security)

Carries out Cyber security activities for Group companies, with the aim of maintaining adequate protection levels and measures

Supervises management of cybersecurity incidents and those related to fraud

Supports operationally the management of internal fraud prevention and e-crime issues, collaborating, where provided for, with fraud management functions

Management of relations with the Authorities, Law Enforcement Agencies and other qualified bodies (e.g. CERT) on the issue of Cybersecurity

Manages internal fraud prevention and e-crime issues, collaborating, were provided for, with fraud management functions Manages relations with the Authorities, Law Enforcement Agencies and other qualified bodies (e.g. CERT) on the issue of Cybersecurity

Validates responses to calls for tender and coordinates bid management activities for the part within his/her competence

Assist IT and software factory teams with security requirements and measure the effectiveness of the implementation.

Plan, manage and run with external vendor and customer security audits

To be a focal point for all Client security projects.

**Core Skills and experience**:

- General programming/software development concepts and software analytical skills.
- Deep understanding and practical experience of IT Infrastructure and networks.
- Deep understanding and practical experience around physical perimeter security.
- Experience with hackers and hacking.
- Experience in assessing and implementing security and risk standards including ISO 2700X, NIST, ITIL, COBIT
- Systems security skills in assessment, design, architecture, management and reporting
- Conduct Information Security Assessment against EY Methodology and leading practice frameworks and common standards.
- Minimum 7-9 years of experience in core Information security domain.
- Experience in performing technical activities like VAPT, Configuration reviews and technical exception handling.
- Experience in cyber security incident management
- Experience in dealing with Clients
- Experience in managing senior stakeholders and Organization leadership teams
- Experience in team handling
- Nexi Payments South Africa may include or exclude any task that may be necessary in the interest of Nexi Payment South Africa at its discretion in the spectrum of services and/or duties to be rendered by the E