Head: Security Operations

Description:

Job purpose

• The Head: Security Operations is responsible for overseeing aspects of security operations, including threat detection, incident response, and security infrastructure management.
• This role involves developing and implementing security policies, managing security risks, ensuring regulatory compliance, and leading a team of information security professionals.
• The position demands a deep understanding of information security principles, threat intelligence, risk management, and operational management.

Key responsibilities

• Develop and implement a comprehensive information security strategy aligned with the company’s objectives and industry’s best practices
• Drive innovation in information security to enhance service delivery and protection
• Develop, implement, and enforce security policies, procedures, and guidelines
• Ensure compliance with industry standards and regulatory requirements
• Conduct regular risk assessments and develop mitigation strategies for information security risks
• Implement risk management strategies to ensure business continuity and data protection
• Lead incident response in identifying, containing, and eradicating cyber threats
• Develop and maintain incident response plans
• Oversee the collection and analysis of threat intelligence to anticipate and mitigate potential cyber threats
• Implement continuous monitoring of the company and client’s information systems to detect and respond to security incidents
• Recruit, train, and mentor a team of information security professionals
• Foster a culture of collaboration, innovation, and continuous improvement within the team
• Evaluate, implement, and manage security tools and technologies
• Stay updated with the latest cybersecurity trends and technologies to enhance the company and client’s security capabilities
• Manage relationships with external partners and clients
• Ensure that third-party services meet the company’s security standards and requirements
• Implement metrics and KPIs to track the performance and effectiveness of information security operations
• Provide regular reports to senior management on the security posture, incidents, and key performance indicators
• Maintain comprehensive documentation of security policies, procedures, and incident reports
• Promote knowledge sharing within the team and across the organization

Internal and external relationships

Internal Relationships:

• Executive Team (C-suite, including CEO, CIO, CTO, etc.)
• IT Team (Infrastructure, Development, and Operations)
• Compliance and Legal Teams
• Risk Management Department
• Security Operations and Incident Response Teams
• Human Resources (HR)
• Finance Team
• Internal Auditors

External Relationships:

• Vendors and Managed Security Service Providers (MSSPs)
• Regulatory Bodies and Compliance Authorities
• External Security Partners and Consultants
• Law Enforcement Agencies (Cybersecurity, Criminal Investigation)
• Industry Peers and Cybersecurity Communities
• External Auditors (for compliance and security audits)

Qualifications and Experience

• Minimum NQF level 7 equivalent qualification
• Microsoft Office Suite
• Bachelor’s degree in computer science, Information Technology, Cybersecurity, or related field

Knowledge, Skills & Abilities Required

• Minimum NQF level 7 equivalent qualification
• Minimum 5 years’ experience in information security or cybersecurity roles, with at least 5 years in a leadership position Proven track record in managing and leading information security teams in a fast-paced environment
• Extensive experience in incident response, risk management, and security policy development,
• Demonstrated ability to manage large-scale security projects and initiatives
• Strong background in security compliance and regulatory requirements
• In-depth knowledge of information security frameworks and standards
• Understanding of vulnerability assessment and penetration testing methodologies
• Knowledge of network security protocols and technologies
• Familiarity with endpoint security solutions

Behaviors required

• Strategic Vision & Decision-Making
• Leadership & Team Management
• Technical Expertise
• Incident Management & Crisis Handling
• Stakeholder Engagement & Communication
• Governance, Compliance, & Audit
• Adaptability & Innovation
• Budgeting & Resource Management
• Ethical Conduct
• Cultural Fit & Adaptability
• Collaboration

Requirements:

• The Head: Security Operations is responsible for overseeing aspects of security operations, including threat detection, incident response, and security infrastructure management.
• This role involves developing and implementing security policies, managing security risks, ensuring regulatory compliance, and leading a team of information security professionals.
• The position demands a deep understanding of information security principles, threat intelligence, risk management, and operational management.

• Develop and implement a comprehensive information security strategy aligned with the company’s objectives and industry’s best practices
• Drive innovation in information security to enhance service delivery and protection
• Develop, implement, and enforce security policies, procedures, and guidelines
• Ensure compliance with industry standards and regulatory requirements
• Conduct regular risk assessments and develop mitigation strategies for information security risks
• Implement risk management strategies to ensure business continuity and data protection
• Lead incident response in identifying, containing, and eradicating cyber threats
• Develop and maintain incident response plans
• Oversee the collection and analysis of threat intelligence to anticipate and mitigate potential cyber threats
• Implement continuous monitoring of the company and client’s information systems to detect and respond to security incidents
• Recruit, train, and mentor a team of information security professionals
• Foster a culture of collaboration, innovation, and continuous improvement within the team
• Evaluate, implement, and manage security tools and technologies
• Stay updated with the latest cybersecurity trends and technologies to enhance the company and client’s security capabilities
• Manage relationships with external partners and clients
• Ensure that third-party services meet the company’s security standards and requirements
• Implement metrics and KPIs to track the performance and effectiveness of information security operations
• Provide regular reports to senior management on the security posture, incidents, and key performance indicators
• Maintain comprehensive documentation of security policies, procedures, and incident reports
• Promote knowledge sharing within the team and across the organization

• Executive Team (C-suite, including CEO, CIO, CTO, etc.)
• IT Team (Infrastructure, Development, and Operations)
• Compliance and Legal Teams
• Risk Management Department
• Security Operations and Incident Response Teams
• Human Resources (HR)
• Finance Team
• Internal Auditors

• Vendors and Managed Security Service Providers (MSSPs)
• Regulatory Bodies and Compliance Authorities
• External Security Partners and Consultants
• Law Enforcement Agencies (Cybersecurity, Criminal Investigation)
• Industry Peers and Cybersecurity Communities
• External Auditors (for compliance and security audits)

• Minimum NQF level 7 equivalent qualification
• Microsoft Office Suite
• Bachelor’s degree in computer science, Information Technology, Cybersecurity, or related field

• Minimum NQF level 7 equivalent qualification
• Minimum 5 years’ experience in information security or cybersecurity roles, with at least 5 years in a leadership position Proven track record in managing and leading information security teams in a fast-paced environment
• Extensive experience in incident response, risk management, and security policy development,
• Demonstrated ability to manage large-scale security projects and initiatives
• Strong background in security compliance and regulatory requirements
• In-depth knowledge of information security frameworks and standards
• Understanding of vulnerability assessment and penetration testing methodologies
• Knowledge of network security protocols and technologies
• Familiarity with endpoint security solutions

• Strategic Vision & Decision-Making
• Leadership & Team Management
• Technical Expertise
• Incident Management & Crisis Handling
• Stakeholder Engagement & Communication
• Governance, Compliance, & Audit
• Adaptability & Innovation
• Budgeting & Resource Management
• Ethical Conduct
• Cultural Fit & Adaptability
• Collaboration