Description:
Key Responsibilities:
Strategic Leadership and Governance
Develop and implement a comprehensive information security strategy that aligns with business goals and risk appetite. Lead the creation and execution of policies, processes, and standards to ensure the highest level of cybersecurity across the organization. Serve as the primary advisor on all cybersecurity matters to the executive team, board of directors, and key stakeholders. Ensure that information security strategies comply with regulatory requirements (e.g., GDPR, POPI, etc.) and are consistent with best practices. Report on the status of information security risks, threats, and controls to senior management and board members.

Risk Management and Incident Response
Oversee the identification, assessment, and management of cybersecurity risks, including internal and external threats, vulnerabilities, and third-party risks. Lead the development and implementation of an incident response plan, ensuring that security incidents are promptly detected, analyzed, mitigated, and reported. Drive a culture of continuous improvement by ensuring proactive identification and mitigation of emerging cybersecurity threats.

Cybersecurity Operations & Threat Intelligence
Manage a security operations team responsible for day-to-day monitoring, detection, and response to security threats. Utilize advanced threat intelligence tools to detect and neutralize threats across the organization's systems and networks. Collaborate with other teams to identify and address vulnerabilities through regular penetration testing, audits, and threat assessments.

Team Development and Leadership
Build and mentor a high-performing team of cybersecurity professionals, providing guidance and career development opportunities. Foster a culture of security awareness and ensure that employees at all levels understand their role in safeguarding information and digital assets. Collaborate with internal teams, including IT, legal, compliance, and business units, to ensure effective cybersecurity implementation.

Vendor and Third-Party Security
Oversee the evaluation, selection, and management of third-party vendors and service providers to ensure their cybersecurity practices meet the organization's standards. Conduct regular risk assessments of third-party relationships and ensure that appropriate security controls are in place for all external partners.

Compliance and Auditing
Ensure that the organization is compliant with relevant industry standards, regulations, and frameworks, such as ISO 27001, NIST, SOC 2, etc. Lead internal and exter
01 Apr 2025;
from:
gumtree.co.za