Information Security Officer

IT – Analyst, Data Management
Cape Town – Western Cape

SUPPORT the development, education, monitoring, and implementation oversight of enterprise information security policies and standards as your expertise as an Information Security Officer is sought by a fast-paced Software Specialist. You will help to create and maintain an ISMS and later a QMS. Your core focus will be to assist the administration of Information Security governance and compliance processes and monitoring and reporting Information Security policy and program compliance. You will require a BCom/BSc Degree in IT or similar field and be ISO 27001 Risk Manager Certified with 2 years IT Risk/Audit experience including a strong understanding of regulations relating to IT Risk. You must also have solid knowledge of ISO 27001 standards and preferably also TISAX., demonstrable Project Management skills and have knowledge of IT Risk, Compliance & Internal Control.
  • Identify current and future security threats and advice organisation on the mitigating measures.
  • Collaborate with other teams in addressing organisation cyber threats.
  • Evaluate the current technical architecture for vulnerabilities and weaknesses, including potential upgrades or enhancements.
  • Design and implement security strategies and roadmap.
  • Develop IT security policies and procedures.
  • Lead the organisation on the IT security governance framework.
  • Conduct Information Security awareness training for all employees of the organisation.
  • Supervise Information Security audits conducted by the organisation or by third-party personnel.
  • Report to Management on IT Security.
  • Compile relevant ICT Reports.
  • Administer and monitor new technologies, enhancements, and significant changes to the Information Security environment.
  • Assist the Information Security team and the customer or organisation by serving as an IT security point of contact.
  • Assist in the management and configuration of physical security, Disaster Recovery, and data backup systems are managed and configured.
  • Communicate Information Security objectives and new programs to divisions within the organisation.
  • Support other ICT functions.
  • Perform any other duties as directed.
Qualifications –
  • B Com/ BSc Information Technology or B Com or related field of study.
  • ISO 27001 Certified Risk Manager.
Experience/Skills –
  • At least 2 years IT Risk or Audit experience.
  • Strong understanding of regulations relating to IT Risk.
  • Sound knowledge of the ISO 27001 standards and preferably also TISAX.
  • Demonstrated Project Management skills.
  • Knowledge of IT Risk, Compliance and Internal Control.
  • Good communication skills, good report writing and presentation skills.
Desirable –
  • Certified Information Systems Auditor / Certified Internal Auditor.
  • IT Risk.
  • Audit.
  • Compliance.
  • Internal Auditing.
  • ISO.
  • Compliance Audit.
  • Risk Management.
  • IT Security.
  • Good command of English both writing and speaking
  • Highly motivated, with a proven ability to work on own initiative within a challenging and dynamic work environment.
  • Demonstrates strong ability to synthesize professional principles and standards. 
  • Business acumen.