Wednesday , February 28 2024

Clicks Careers – IT Information Security Officer

Website Clicks Group

Job Description:

The main purpose of the job is to establish and maintain an information security framework to provide assurance that the supporting security strategies are implemented and aligned with business objectives, IT governance and legislative/regulatory requirements.

Job Responsibilities:

  • Ensure continuous process improvement of information security management
  • Conduct the information security risk assessment programme, supported by vulnerability assessments and facilitating independent penetration testing
  • Manage application security tools and vendors (cloud proxy, IAM/IAG, anti-malware, etc.)
  • Manage the relationship with the business and project process areas to ensure appropriate compliance levels according to the information security framework
  • Manage and coordinate remediation of IT audit findings by implementing supporting IT security controls and processes
  • Manage and improve incident response capability to proactively identify and mitigate against IT security risks or incidents, and recover from disruptive and destructive information security events
  • Lead the IT security team responsible for day to day security and operational tasks, logical user access management, access certification review campaigns, including management of resource allocation and duties
  • Provide information security input for architecture designs
  • Submit benefits case to initiate information security related projects, conduct rigorous evaluation and selection of appropriate technical solutions, secure required IT spend approval
  • Define, own and drive the Information Security framework with supporting policies, processes, standards and benchmarks
  • Define rolling 3 year information security strategy and roadmap, and supporting operations plan and budget estimates to close identified gaps
    Own and drive the annual PCI DSS re-certification exercise

Job Requirements:

  • Understanding of the full security stack and supporting technologies
  • Basic scripting skills (e.g. bash, python, powershell)
  • One or more of CISSP, CISM, OSCP/CEH (essential),
  • Understanding of threat analysis
  • Practical knowledge and understanding of information security tools, network security systems, host diagnostics, vulnerability assessments, penetration testing, threat assessments, report writing and documentation across multiple platforms

Qualification & Experience:

Job Details:

Company: Clicks Group

Vacancy Type: Full Time

Job Location: Cape Town, Western Cape, SA

Application Deadline: N/A

Apply Here