Executive Head : Cybersecurity : Sa Operations

Cybersecurity is critical to Vodacom and Vodafone and a strategic priority to enable our business and customers. The Executive Head of Cybersecurity is a Vodacom Group‑level role which champions and delivers the cybersecurity across all Vodacom South Africa (SA) businesses. The role is critical in ensuring the right priorities are focused on to reduce cyber risk across SA as rapidly as possible.

Drive the cybersecurity strategy implementation for Vodacom South Africa aligned to the Vodacom group technology strategy and Vodacom group cybersecurity strategy; translate the strategic vision into operational requirements and drive the fulfilment of these technical requirements.
Responsible for the SA organization‑wide cybersecurity program, governance, and risk management.
Lead crisis management and incident response for SA, working closely with the Group Cyber Intelligence Centre (CIC).
Oversee the implementation of large‑scale cybersecurity initiatives across South Africa including overseeing cross‑functional teams delivering cybersecurity programme.
Translating technical capabilities into business outcomes and objectives, defining clear metrics for progress and regularly reporting them into Group Cybersecurity Mancom and SA IT, Audit and Risk Committees.
Oversight of budget planning and resource allocation for cybersecurity programmes.
Delivering new security capabilities into business areas and identifying opportunities and security demand from business areas.
Identifying and working with technology teams to remediate cybersecurity risk.
Establishing and maintaining strategic partnerships with internal and external stakeholders;
Championing a culture of security awareness and resilience across all business units including the adoption of emerging technologies (e.g., AI, Zero Trust, quantum‑safe cryptography) to future‑prove the organisation.
Providing board‑level insights and reporting on cybersecurity posture and risk mitigation.
Participate in development of Group security policies, standards, and framework and drive their localization in the SA market.
Champion and rally the IT and Network teams around the Cybersecurity function and educate these areas on the value of the function to enable revenue generation, cost savings and business performance measurements.
Conduct strategic analysis of Vodacom SA system and network strategies to ensure that the strategic technological direction meets and aligns to security requirements and supports Group cybersecurity objectives.
Oversee the security design and implementation of all products across Financial Services, Consumer, Enterprise, Technology and Digital - design phase security and pre‑post implementation.
Partner with business leaders and peer‑level managers to assess the technological cost and impact of recommended changes, help clarify priorities, and coordinate cross‑organizational consortia where common needs have been identified.
Provide security consultation for business transformation and applications‑related projects so that decisions can be made as to the most appropriate delivery methodology.
Provide leadership to the SA team, in line with business requirements, technology standards and best practices within the function.
Report to Market senior leadership concerning risk, vulnerabilities and other security exposures and remedial actions.

The ideal candidate for this role will have:
• An industry‑recognised cybersecurity certification e.g., CISSP, CISM, CRISC.
• Minimum of 4‑year tertiary qualification in Information Systems or Engineering (BSc IT, BCom IT, Diploma IT) / Masters advantageous.
• Proven leadership experience managing large, cross‑functional teams and complex cybersecurity operations in multiple business portfolios.
• Expertise in cutting‑edge cybersecurity technologies such as threat detection and response, encryption, identity and access management, and cloud security.
• Advanced knowledge of cyber risk management, threat modelling, and mitigation across business units and third‑party ecosystems.
• Strong understanding of local and global regulatory frameworks (e.g., GDPR, POPIA, PCI‑DSS), with experience leading compliance, audit readiness, and remediation.
• Proven ability to engage with regulators, suppliers, and industry bodies—while enforcing governance frameworks aligned with ISO, NIST, and COBIT.
• Expertise in enterprise security architecture, including secure‑by‑design principles, zero trust models, and cloud‑native security frameworks.
• Proficiency in securing hybrid and multi‑cloud environments (e.g., AWS, Azure, GCP), implementing identity and access management (IAM), privileged access controls, and authentication mechanisms.
• Familiarity with secure software development (DevSecOps), SIEM, DLP, endpoint protection, and emerging technologies such as AI‑driven threats and quantum risks.
• Strong communication and stakeholder engagement skills, including the ability to present technical insights to non‑technical audiences.
• Commitment to mentoring, succession planning, and fostering a strong cybersecurity culture.
• Financial acumen with experience in budget management, cost optimisation, and vendor performance oversight.

Closing date for Applications : 12 November

The base location for this role is Vodacom, Midrand Campus.

The company's approved Employment Equity Plan and Targets will be considered as part of the recruitment process.

As an Equal Opportunities employer, we actively encourage and welcome people with various disabilities to apply.

Vodacom is committed to an organisational culture that recognises, appreciates, and values diversity & inclusion.