Enable job alerts via email!
Director : Information Security
University Of Johannesburg
Johannesburg
On-site
ZAR 300 000 - 400 000
Full time
Generate a tailored resume in minutes
Land an interview and earn more. Learn more
Job summary
A prominent university in South Africa is looking for a Director: Information Security. This role involves developing and implementing strategies to protect information and systems from cyber threats. Candidates should possess a relevant degree, have 5-8 years of management experience in information security, and hold industry certifications such as CISA, CISM, or CISSP. This permanent position offers opportunities for leadership and collaboration in a dynamic academic environment.
Qualifications
- 5 to 8 years of management experience in Information Security Management.
- Experience in information security, project management, and IT service management.
- Risk assessment qualifications such as CISA, CISM or CISSP.
Responsibilities
- Establish an Information Security Management and Protection Framework.
- Define a Cybersecurity strategy aligned with UJ business objectives.
- Lead the implementation of IT security policies and procedures.
Skills
Education
Tools
Director : Information Security (P5) (Information & Communication Systems : Management Information Systems)
Advert reference : uj_
Advert status : Online
Apply by : 21 February
Job category : Education and Training
Campus : Auckland Park Kingsway Campus
Contract : Permanent
Remuneration : Market Related
EE position : EE Introduction
The University of Johannesburg (UJ) is a vibrant and cosmopolitan university, anchored in Africa and driven by a powerful strategy focused on attaining global excellence and stature (GES).
With an emphasis on independent thinking, sustainable development, and strategic partnerships, UJ is an international university of choice.
The University is guided by the Vice-Chancellor's vision of "Positioning UJ in the Fourth Industrial Revolution (4 IR) for societal impact in the context of the changing social, political, and economic fortunes of Africa".
Reporting to the Chief Information Officer within the Information and Communications Systems (ICS) Department, the Director of Information Security Management will be responsible for developing and implementing security strategies, policies and procedures to protect the organisation's data, systems and technology infrastructure from cyber threats and vulnerabilities.
Be situated at the Auckland Park Kingsway Campus, but not excluded from supporting all campuses.
Fulfil management, leadership, technical and administrative roles in the Department.
- Establish an Information Security Management and Protection Framework for developing and implementing an effective enterprise-wide Information Security Governance and Strategy Programme.
- Define a Cybersecurity strategy and operating model aligned with UJ business objectives with a clear, tracked and measurable cybersecurity plan.
- Assume responsibility for UJ's information security and compliance programme, building and leading a high-performing cybersecurity and compliance team and advisory consultancy to business and IT domain leaders.
- Manage the day-to-day activities, including policies, procedures, training and communication regarding the Information Governance Programme.
- Perform regular IT Security Maturity Assessments for the respective UJ IT areas, including people, processes and technologies.
- Lead the security documentation process to ensure progress and auditability.
- Lead the implementation of a secure system development life cycle.
- Develop, implement and maintain IT security policies, procedures, standards and practices to ensure conformance with generally accepted practices and mandatory legislation / regulations.
- Conduct information assets security risk assessment.
- Lead the implementation and monitoring of information and data quality standards, policies and procedures.
- Oversee the selection, deployment and validation of IT Information security controls to ensure that security and compliance requirements are met.
- Ensure that information security threats are identified, detected, responded to, recovered from and followed up on.
- Ensure security programmes compliancy with relevant laws, regulations and policies to minimise or eliminate risk and audit findings.
- Integrate an Information and Cyber Security Risk Management Framework.
- Present regular reports to UJ executives and auditors on the cybersecurity status of the organisation.
- Collaborate with key stakeholders to proactively identify local issues and areas of risk that impact data quality, availability, and confidentiality.
- Implement preventive measures and remedial action when required.
- Conduct security audits to identify gaps and implement controls to mitigate risks.
- Degree or any relevant qualification (NQF 8).
- 5 to 8 years' of management experience in an Information Security Management.
- Information security, project management and IT service management experience.
- Outsourced services and management of commercial partners.
- Managing strategic change in a dynamic operating environment.
- Translating broad business needs and understanding the key drivers of enterprise applications.
- Risk assessment and mitigation risk-related industry-standard qualifications such as CISA, CISM or CISSP.
- Good interpersonal and communication skills (verbal and written).
- Ability to maintain sound human relations and
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
