Senior Manager: Cyber Security Operations and Engineering

Join TIH, home to some of South Africa’s leading financial service providers, and grow your career while being part of an organisation with purpose.

The Senior Manager:
Cyber Security Operations and Engineering role forms part of the TIH Cyber Security and IT Governance Team, and will be responsible for providing direction, planning, overseeing execution, analysing and measuring, and reporting on dedicated cyber security operations and engineering functions. This includes ensuring that these functions operate at the right level of maturity, are effectively optimised, compliant and adequately support TIH's Cyber Security outcomes;

produce relevant measurements and metrics to support TIH’s cyber security decisions; and that these functions continue to mature and adequately adapt to the changing threat and regulatory landscapes.

Identify information and related assets, plus potential threats, vulnerabilities and impacts and evaluate the risks. Decide how to address or treat the risks i.e. to avoid, mitigate, share or accept them.

Collect business requirements using a variety of methods such as interviews, document analysis, workshops, and workflow analysis to express the requirements in terms of target user roles and goals.

Ensure alignment and compliance to TIH's IT governance framework, policies and standards.

Develop stakeholder engagement through identifying stakeholders, finding out their needs/issues/concerns and reacting to these to support the communication of business information and decisions.

Identify the requirement for and participate in the selection of external consultants or advisors to deliver key projects and/or ad hoc services; ensure business objectives and requirements are clearly understood and monitor outcomes, taking appropriate remedial action where necessary.

Liaise and align strategies with the Corporate Risk, Legal and Compliance.

Liaise with external agencies to ensure the company maintains a strong security posture.

Coordinate the use of external resources involved in the information security program, including (but not limited to) interviewing, managing external resources, negotiating contracts and fees.

Identify and communicate the actions needed to implement the function's strategy and business plan within the business area or department; explain the relationship to the broader organisation's mission, vision and values; motivate people to commit to these and to doing extraordinary things to achieve local business goals.

Lead the development of standards, procedures, and related guidelines for a significant area of responsibility, ensuring compliance with external requirements and integration with the broader corporate policy framework.

Monitor and review processes to ensure risk/security and compliance arrangements are in place.

Develop and/or deliver a contingency plan for significant aspects of the risk management and/or control process.

Facilitate the information security risk assessment process in conjunction with the IT Governance Risk and Compliance team, including the reporting and oversight of treatment efforts to address negative findings.

Contribute to the design and creation of reporting strategies and templates. Lead execution of complex reports, identifying and interpreting complex patterns and trends, and translating those insights into actionable recommendations.

Identify and implement regular reporting mechanisms to provide visibility to enterprise risk teams and senior business leaders as part of the enterprise Cyber Security program.

Identify shortcomings in existing business practices, then suggest and implement improvements while developing and delivering projects or a work stream within the organisation's change management program. Involves working with guidance from senior colleagues.

Ensure that business activities within the area of responsibility comply with relevant external regulatory and/or voluntary codes and with internal…