Head of Cyber Security Operations

Job Ref
244876
Job Type
Permanent
Employer Type
Company
Date Added 21 Jan 2015
Expiry Date 18 Feb 2015
* There have been 16 applications to this job.
* This job has been viewed 4411 times.
Employer:
Absa Group 1

Location:
Gauteng

Salary:
Market related

Benefits:


Role details:
Risk and Control Objective:

Ensure that all activities and duties are carried out in full compliance with regulatory requirements, Enterprise Wide Risk Management Framework and internal Barclays Policies and Policy Standards.
Understand and manage risks and risk events (incidents) relevant to the role.
- - - - - - - - - - - - - -
Overall Job Purpose:

The overall purpose of the Head of Cyber Security Operations role is to build and run a function that provides:

Identification of current and potential cyber security threats to the Barclays Africa Group (Cyber intelligence).
High level incident response services during a cyber-security incident (CSIRT).
Security Information and Event Management services for Africa (SIEM) integrated with the global Barclays competency.

Accountability: Cyber Intelligence

Define, build and manage processes around the collection of cyber intelligence from internal and external sources, targeting the audiences that need to act on the intelligence and keeping track that intelligence has been acted on.

Maintain distribution lists detailing which areas need to receive what pieces of intelligence to most effectively implement preventative measures.
Identify and incorporate new sources of intelligence in the function, and retire old sources when no longer useful, such that intelligence is relevant to the African operation.
Maintain relationships within the banking industry in South Africa, Africa, and the rest of the world.
Make optimal use of intelligence shared by industry bodies such as the SABRIC CSIRT.
Act as BAGL's cyber security operations representative on local and international industry forums such as SABRIC in South Africa.

Accountability: CSIRT:

Define, build, exercise and manage processes, integrated with Barclays group processes, to coordinate activity when an information security incident is detected.
Identify key stakeholders in all relevant areas of the group that need to act in an information security incident. Provide relevant training and instruction to the actors on what is expected of them during an incident.
Define communications plans detailing how communications will be handled during an information security incident and ensure stakeholders are familiar with the plan and related expectations.

Play a key coordination role during cyber security incidents, managing the security operations team activities locally and abroad, and interfacing with technology incident functions such as Major Incident Management, technology infrastructure divisions and vendors to contain the incident.

Oversee and track the remediation of identified vulnerabilities across the Africa group.
Work with the BCM function to conduct exercises to test the readiness of BAGL to react to various types of information security incidents.
Represent information security on internal and external forums to achieve the overall goal of reducing and preventing eCrime and fraud.

Accountability: SIEM

Define, build, and manage processes, integrated with Barclays group processes, to effectively monitor the Barclays Africa network and systems for cyber security events.
Optimise use of the existing toolsets, be innovative in identifying new and better methods to analyse data and identify anomalies that could indicate a security event, and suggest new toolsets.
Build in-house capabilities to perform investigations on suspected attack vectors such as malware, key-logging, hacking tools on the network, etc.
Build relationships with threat mitigation vendors such as the group's denial of service prevention provider. Understand and communicate processes to contact and invoke emergency procedures.

Accountability: Risk and Control

Maintain Security Operations’ portion of the Information Security Risk and Controls register and update controls operated as operations evolve.
Identify new or better controls and implement as required.

Take responsibility for delivering relevant Sarbanes-Oxley controls and ensure year-round effectiveness of delivery.
Ensure that all appropriate regulatory controls are performed in compliance with requirements and that an auditable evidence trail is maintained to prove compliance.
Ensure that all dependencies on other teams are clearly articulated and managed to ensure overall regulatory compliance for operational activities.
Ensure that areas of non-compliance are identified and an aggressive action plan is initiated to deliver compliance.
Maintain an effective working relationship with Barclays Internal Audit and the group’s external audit providers.
Meet deadlines agreed to in the various control improvement programs of the group (control issues) and deadlines of actions agreed in audit issues.

Accountability: People and function management:

Define and manage resource requirements to effectively run a cyber-security operations function for BAGL, taking into account global competency and local demand.
Conduct performance and development management activities in line with BAGL HR requirements and guidelines.
Ensure that all team members are appropriately trained, developed and motivated.
Develop processes and supporting technology tool sets that are consistent, truly global and meet the requirements of all customers.
Increase automation for all operational processes.
Conduct regular reporting as required by senior management. Reports may include measurements against key performance indicators, post incident reviews and root cause analysis, etc.
Present reports and operational matters at senior management and executive forums.

Education and Experience Required:

B-degree in a technology related field (NQF level no. 6). Postgrad degree preferred.
CISM, CISSP or equivalent qualifications preferred
10 years’ experience in a technology environment with at least 5 years focussed on information security.
Proven experience managing people
Proven experience in SOC, SIEM and CSIRT type functions

Knowledge & Skills: (Maximum of 6):

IT infrastructure and interoperation (major operating systems, database systems, middleware and networks)
Understanding of Attack Monitoring technologies and capabilities
Understanding of Incident Response procedures, with technical ability to ‘take control and co-ordinate’ major security incidents.
Deep knowledge of Intelligence, Incident response, Attack Monitoring operations, process management, ITIL disciplines
Broad and proven experience across a wide spectrum of security disciplines required.

Competencies: (Maximum of 8 competencies)
• Deciding and initiating action
• Learning and researching
• Entrepreneurial and commercial thinking
• Relating and networking
• Adapting and responding to change
• Persuading and influencing
• Creating and innovating





 