SANReN CyberSecurity Manager

Posted on by admin

CSIR in Pretoria, Head Office is looking for SANReN CyberSecurity Manager. Please make sure that you apply only if you meet minimum requirements.

About the job:

The CSIR has a vacancy for SANReN Cybersecurity Manager in the South African National Research Network (SANReN) programme within the National Integrated Cyberinfrastructure System (NICIS), which is hosted by the Next Generation Enterprises and Institution (NGEI) cluster. The incumbent will be responsible for leading, developing, and maintaining cybersecurity and related services for NICIS and SANReN, as well as providing cybersecurity support and consulting to the SANReN constituency. The position is based in Pretoria and will report to SANReN Director.

For more information about the division/cluster/portfolio, please visit https://www.sanren.ac.zahttps://www.nicis.ac.za and https://www.csir.co.za/nextgen-enterprises-and-institutions.

Key responsibilities:

  • Manage the SANREN CSIRT (Cybersecurity Specialists with skills in information security, system administration, network engineering and IT services development) to implement the SA NREN information security strategy;
  • Drive SA NREN information security and risk posture planning activities;
  • Take the lead in defining policies and processes (culminating in an incident response plan) for handling information security incidents at the SA NREN level;
  • Design and implement reactive and/or pro-active CSIRT services;
  • Coordinate efforts to identify threats to, and vulnerabilities of SA NREN infrastructure;
  • Research new cybersecurity trends, threats and risks, including innovating new tools for an efficient SANREN CSIRT
  • Report to and advise the NICIS Management Team, SANReN Management Team, TENET Executive and TENET Board on the information security posture of SA NREN IT resources;
  • Coordinate mechanisms for distributing information security alerts and warnings including incident-related activity, critical patches, etc. to the community;
  • Collaborate with partners to enhance incident prevention and protection activities, particularly the TENET CSIRT team;
  • Represent the CSIRT nationally and internationally at various forums, such as the Forum of Incident Response and Security Teams (FIRST); 
  • Organise/coordinate SA NREN CSIRT education and training events ¿ e.g. workshops, training events and awareness campaigns;
  • Define the vulnerability management process (patching, workarounds, etc.) for SA NREN infrastructure; and the development of penetration testing capabilities
  • Lead the mitigation of identified threats to and vulnerabilities of SA NREN infrastructure;
  • Manage compliance and audit tasks related to information security;
  • Direct the implementation/adaptation of a ticketing system for tracking incidents, response actions and maintaining incident history/statistics;
  • Contribute to SANReN’s services development and incubation (SDI), Network Engineering (NE) and Project Management and Procurement (PPM) activities;
  • Supporting national and international information security strategic initiatives;
  • Contribute to SANReN’s strategic planning, marketing and communications, as well as risk management activities;
  • Contribute to NICIS activities aimed at developing and delivering a portfolio of integrated science data transport, stewardship and high-performance computing services;
  • Provide mentorship and technical coaching.

Qualifications, skills and experience:

  • A Master’s degree in computer/electronic engineering, computer science or related fields with at least ten years’ experience in ICT, of which five years should be in information security e.g. incident handling, risk management, security engineering, auditing (with preferably two years as part of a CSIRT/CERT/SOC);
  • A Doctoral degree in computer/electronic engineering or computer science will be advantageous;
  • Must have at least one security-related certification: (i.e. CISSP, Security+, CASP, CISA, CISM, ISO 2700x/27035, CRISC, SSCP, GIAC, TRANSITS, CEH);
  • The following would be advantageous:
    • Professional registration with relevant bodies, e.g. Professional Engineer with the Engineering Council of South Africa (ECSA) or Institute of Information Technology Professionals in South Africa (IITPSA);
    • Relevant industry certifications in project management and/or services management
  • Skills and knowledge in the following areas:
    • Data handling and interpretation;
    • Vulnerability assessments, identification and resolution;
    • Penetration testing principles, tools and techniques;
    • Configuration and use of network protection components / securing networks;
    • Identifying critical information infrastructure;
    • Risk assessments, auditing, etc.
    • Security architecture;
    • Incident response policy and procedure development;
    • IT operations, Help desk, ISSO / ISSE, policy writing, compliance, software and systems development, system administration, etc.
    • System and/or network administration;
    • Network applications and services;
    • Software development: programming and scripting;
    • General security / information assurance principles;
    • Cyber security threats, attack types, vulnerabilities and exploit methodologies;
    • Incident response/handling methodologies, categories, procedures;
    • Good understanding of common security tools and techniques, e.g. SIEM, IDS/IPS, Netflow analysis, protocol analysis, vulnerability assessment, log aggregation, event correlation;
    • Cryptography.
  • Ability to lead a team;
  • Ability to provide thought leadership and high-level conceptualisation;
  • Excellent communication and presentation skills;
  • Conflict management skills;
  • Decisiveness and action orientation;
  • Appropriate national and international RDI networks;
  • South African Citizen is necessary as a Security Clearance may be required for this position.

What’s in it for you?

The CSIR offers:

  • Flexible hybrid work arrangement.
  • Learning and development opportunities.
  • Competitive and market-related remuneration packages.
  • Total guaranteed salary packages which encompass contributions to the pension fund, risk insurance and medical scheme.
  • We openly acknowledge and reward our employees’ contributions and accomplishments through our esteemed CSIR Excellence Awards.

PLEASE NOTE THAT FEEDBACK WILL BE GIVEN TO SHORTLISTED CANDIDATES ONLY.

For more info, please contact the CSIR Recruitment Centre on 012 841 4774 or email us at Recruitmentinfo@csir.co.za

The CSIR is an equal opportunity employer. As such, it is committed to the employment Equity Act and will through the filling of this vacancy, give preference to candidates from designated groups in terms of the Employment Equity Act. By applying for this position at the CSIR, the applicant understands, and agrees that the CSIR may solicit a credit and criminal report from registered credit bureau and/or South African Police Services (in relation to positions that requires trust and honesty and/or entail the handling of cash or finances), and may also verify the applicant¿s educational qualification and employment history. The CSIR reserves the right to remove the advertisement at any time before the stated closing date and it further reserves the right not to appoint if a suitable candidate is not identified.

Apply here

Source: https://candidate.csir.co.za/psc/hr/EMPLOYEE/HRMS/c/HRS_HRAM_FL.HRS_CG_SEARCH_FL.GBL?Page=HRS_APP_SCHJOB_FL&Action=U

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *