Executive Head : Cybersecurity : Sa Operations

When it comes to putting people first, we’re number 1. The number 1 Top Employer in South Africa, certified by the Top Employer Institute.

Cybersecurity is critical to Vodacom and Vodafone and a strategic priority to enable our business and customers. The Executive Head of Cybersecurity is a Vodacom Group-level role that champions and delivers cybersecurity across all Vodacom South Africa businesses.

Drive the cybersecurity strategy implementation for Vodacom South Africa aligned to the Vodacom group technology strategy and Vodacom group cybersecurity strategy.

Translate the strategic vision into operational requirements and drive fulfillment of these technical requirements.

Responsible for the SA organization‑wide cybersecurity program, governance, and risk management.

Lead crisis management and incident response for SA, working closely with the Group Cyber Intelligence Centre (CIC). Oversee the implementation of large‑scale cybersecurity initiatives across South Africa, including overseeing cross‑functional teams delivering cybersecurity programme.

Translate technical capabilities into business outcomes and objectives, defining clear metrics for progress and regularly reporting them to Group Cybersecurity Mancom and SA IT, Audit and Risk Committees.

Oversee budget planning and resource allocation for cybersecurity programs. Deliver new security capabilities into business areas and identify opportunities and security demand from business areas.

Identify and work with technology teams to remediate cybersecurity risk. Establish and maintain strategic partnerships with internal and external stakeholders.

Champion a culture of security awareness and resilience across all business units, including adoption of emerging technologies (e.g., AI, Zero Trust, quantum‑safe cryptography) to future‑proof the organization.

Provide board‑level insights and reporting on cybersecurity posture and risk mitigation. Participate in development of Group security policies, standards, and framework and drive their localization in the SA market.

Champion and rally the IT and Network teams around the Cybersecurity function and educate these areas on the value of the function to enable revenue generation, cost savings and business performance measurements.

Conduct strategic analysis of Vodacom SA system and network strategies to ensure strategic technology direction meets security requirements and supports Group cybersecurity objectives.

Oversee the security design and implementation of all products across Financial Services, Consumer, Enterprise, Technology and Digital—design phase security and pre‑post implementation.

Partner with business leaders and peer‑level managers to assess the technological cost and impact of recommended changes, help clarify priorities, and coordinate cross‑organizational consortia where common needs have been identified.

Provide security consultation for business transformation and application‑related projects to support appropriate delivery methodology.

Provide leadership to the SA team in line with business requirements, technology standards and best practices within the function. Report to Market senior leadership concerning risk, vulnerabilities and other security exposures and remedial actions.

The ideal candidate will have an industry‑recognised cybersecurity certification such as CISSP, CISM, or CRISC and a minimum of 4‑year tertiary qualification in Information Systems or Engineering (BSc IT, BCom IT, Diploma IT) or a master’s degree (advantageous).

Core competencies, knowledge and experience: Proven leadership experience managing large, cross‑functional teams and complex cybersecurity operations across multiple business portfolios.

Expertise in cutting‑edge cybersecurity technologies such as threat detection and response, encryption, identity and access management, and cloud security.

Advanced knowledge of cyber risk management, threat modelling, and mitigation across business units and third‑party ecosystems.

Strong understanding of local and global regulatory frameworks (e.g., GDPR, POPIA, PCI‑DSS) with experience leading compliance, audit readiness and remediation.

Proven ability to engage with regulators, suppliers and industry bodies while enforcing governance frameworks aligned with ISO, NIST and COBIT.

Expertise in enterprise security architecture, including secure‑by‑design principles, zero‑trust models and cloud‑native security frameworks.

Proficiency in securing hybrid and multi‑cloud environments (e.g., AWS, Azure, GCP), implementing identity and access management (IAM), privileged access controls and authentication mechanisms.

Familiarity with secure software development (DevSecOps), SIEM, DLP, endpoint protection, and emerging technologies such as AI‑driven threats and quantum risks.

Strong communication and stakeholder engagement skills, including the ability to present technical insights to non‑technical audiences.

Commitment to mentoring, succession planning and fostering a strong cybersecurity culture.

Financial acumen with experience in budget management, cost optimisation and vendor performance oversight.

Closing date for applications: 12 November.

The base location for this role is Vodacom, Midrand Campus.

The company's approved Employment Equity Plan and Targets will be considered as part of the recruitment process.

As an Equal Opportunities employer, we actively encourage and welcome people with various disabilities to apply. Vodacom is committed to an organisational culture that recognises, appreciates and values diversity & inclusion.