Spec : Cyber Security

Job description : Core DescriptionTo oversee and direct the build, maintenance and monitoring of cyber security services and solutions to ensure customers are protectedagainst cybercrime.

• Lead efforts of the Information Security Function / Team, establishing an Information Security Management System (ISMS) that is managed and improved on a continuous basis
• Communicate with executive management on the risks and mitigating controls related to the business and operational systems environment
• Ensure appropriate non-technical controls, e.g., that the documented security policies, standards and procedures are created, reviewed, updated and maintained periodically by appropriate individuals, as well as technical controls, e.g. user access and authentication controls are in place
• Ensure that all business unit security coordinators understand and execute their security responsibilities in accordance with related policies, standards, and procedures
• Research information security advisories, publications, vendor correspondence on application patches, updates and version releases and media for recent exposures and their fixes in operating systems, databases, applications, and networks
• Develop and implement an Information Security Strategy and a Technology Security Architecture with assistance from the Information Security Function / Team members
• Develop and implement the review and Risk Program with assistance from the Information Security Function / Team members

• Cybersecurity Governance & Framework
• Cybersecurity Tools & Solutions
• Finance and Budget Management
• Risk Management
• Project Management
• Core Behavioural Competencies
• Culture Match
• Job Match
• Applying expertise & Technology
• Persuading and Influencing
• Analysing
• Deciding & Initiating Action
• Entrepreneurial & Commercial thinking

• NQF 6 : 3 year Degree / Diploma / National Diploma in Computer Science or Information Systems OR NQF 4 : Grade 12
• Additional Education - Preferred / Advantage
• Experience: 5 years' experience in cyber security solutions OR 7 years' experience in Cyber security solutions
• Certifications: Certified Information Systems Security Professional (CISSP); GIAC Certified Incident Handler (GCIH); CompTIA Advanced Security Practitioner (CASP+); Cisco Certified Network Professional Security (CCNP Security); EC-Council Certified Penetration Testing Professional (CPENT); Microsoft Certified : Cybersecurity Architect Expert

In Relevant Industry

Span of Control 0 Level of Engagement: Interact with similar levels, clients and with various stakeholders within BCX

Required to travel locally and / or internationally Required to be available 24 / 7 Ability to cope under pressure

BCX is an equal opportunity employer, and appointments will be made in line with our employment equity plan and talent requirements. We seek to promote the employment and advancement of designated groups, inclusive of people with disabilities, while building an inclusive workforce that embraces diversity.

Profile description : The Cyber Security Specialist is responsible for leading, developing, and maintaining robust security services and solutions to protect customers from cybercrime.

The role focuses on establishing and continuously improving an Information Security Management System (ISMS), ensuring both technical and non-technical security controls are in place, and aligning cyber security practices with business and operational requirements. Key responsibilities include providing executive management with insights on risks and mitigating controls, developing and implementing information security strategies and technology security architectures, and overseeing risk management and compliance programs.

The Specialist also ensures business units execute their security responsibilities in line with defined policies, standards, and procedures, while staying ahead of emerging threats through research and monitoring of vulnerabilities, patches, and global advisories. The position requires expertise in cyber security governance, risk management, tools and solutions, as well as strong project and financial management skills.

With a minimum of 5–7 years of cybersecurity experience and relevant certifications (CISSP, CISM, CISA, or equivalent), the Specialist is expected to be a trusted advisor to stakeholders, capable of influencing and implementing security strategies that safeguard critical systems and data.