Cyber Security Officer (Divisional) – AESCO

Our client a leading private sector freight management group in sub‑Saharan Africa is seeking an experienced Cyber Security Officer. The division consists of 9 business units. Operations are situated nationwide with head offices located in Durban, Johannesburg, Maputo and Namibia. This position is Johannesburg based (Sandton).

The Cybersecurity Officer will be responsible for defining and implementing an IT Security Strategy for the division aligned to the Company’s Group Security Framework and direction the Group is taking in terms of cybersecurity. The IT Security Strategy will be required to be tailored to each individual company within the division. This will be based on a risk‑based approach. Each company will have a different risk profile.

The Cybersecurity Officer will need to perform maturity assessment against the Group Cybersecurity Framework for the respective companies within the division. This assessment will feed into defining each companies’ roadmap and risk from a cyber/IT security perspective. IT Managers from each company will have an indirect reporting line to the divisional Cybersecurity Officer. The Cybersecurity Officer will have an indirect reporting line to Group IT from a guidance and oversight perspective. The Cybersecurity Officer will assess, assist, direct and advise the respective IT Managers in all matters relating to IT/ cyber security. This will be inclusive of advising on secure architecture, secure operations and incident response. A monitoring and alerting function will be required to be setup from a divisional level that will leverage off the Group tooling. Driving cybersecurity awareness, upskilling, training and working with other cross‑functional teams will be additional focus areas. In summary, the role will focus on identifying IT/ cyber security risks and addressing them accordingly. The ideal candidate has the following characteristics: Confident personality, academically strong, strategic thinker, potential to learn, able to think out the box, technical oriented, self‑starter and takes initiative.

• Bachelor’s degree in information systems or computer science
• CISSP: Certified Information Systems Security Professional OR
• CISSP‑ISSMP: Information Systems Security Management Professional OR
• CISM: Certified Information Security Manager
• CEH: Certified Ethical Hacker will be an Advantage

• A minimum of 5–8 years’ experience in an information security related role
• Patch and vulnerability management experience
• Technology implementation experience
• Best practice knowledge and secure configuration in terms of relevant technologies and architecture
• Risk management experience
• Experience in security strategy creation and enforcement
• Knowledge of information security management frameworks, such as ISO/IEC 27001 and NIST.
• Familiarity with incident response standards and procedures and root cause analysis
• Knowledgeable in network, infrastructure, endpoint protection, cloud and web security
• Understanding of current legislation and regulations relevant to our organizations
• Strong communication and collaboration skills in terms of feedback and reporting