Leadership, Strategy and Planning
As a manager reporting directly to the Systems Executive, must be able to lead the Company’s Information Security by developing thorough strategic planning regarding Information Security, identifying, evaluating, prioritizing, developing and deploying initiatives that lead the company’s information security to excellence;
As a member of the management team, shall establish governance processes of direction and control to ensure that objectives are achieved, risks are managed appropriately and the organization’s resources are used responsibly;
As a leader, guide the Systems Division Information Security Specialist Team in having solid knowledge regarding all Information Security aspects, namely PCI DSS and POPI, and in using best-of-breed methodologies and processes, delivering outstanding service to the Business through correct alignment of people, processes, structure and systems with the Business strategic requirements;
As a mentor, and leveraging extensive experience in similar projects and positions, guide and build the confidence of the Systems Division Information Security Specialist Team in order to build a team truly committed to the company’s values and Business objectives.

Operational Management
Lead and manage the Information Security Specialist Team, the suppliers, subcontractors and service providers in order to achieve the company objectives and service excellence;
Make proficient use of best practices and standards, based on solid proven experience, managing the establishment, implementation and adherence to policies and standards that guide and support the terms of the company’s information security strategy;
Communicate frequently with executive management to ensure support for the information security program, using appropriate metrics and a mature business sense approach;
Be able to deeply understand the business, current and future threats and vulnerabilities, developing an appropriate Risk Management methodology and an extensive set of security controls in order to support and ensure the security of a high transaction 24×7 Business with due diligence and due care, assuring the highest levels of Confidentiality, Integrity and Availability of Information;
Monitor the efficacy and effectiveness of the information security controls and proactively propose a set of corrective actions in order to ensure that the Information Security Risk remains in accordance with the Risk Strategy set by the top management;
Manage and improve the enterprise-wide business continuity and disaster recovery plans that protect the company’s critical assets;
Be deeply committed to the achievement and maintenance of PCI DSS Compliance;
Manage the information security incident management program to ensure the prevention, detection, containment and correction of information security breaches and security violations;
Create an enterprise-wide information security education and awareness campaign and help coordinate the communication of the campaign to all members of the company.

The ideal candidate should have the following knowledge and experience:
Proficient technical knowledge regarding Information Security and proven track record of leading highly complex information security projects, teams and operations;
Mature information security approach, with deep business sense, following a Risk Management structured approach for planning, implementing, checking and acting over threats and vulnerabilities and the appropriate security controls;
Experience in a high pressure operational environment with millions of transactions per day;
Experience in supporting a 24×7 Business with solid Information Security processes;
Experience in business continuity;
Knowledge of complex network infrastructures involving LAN, WAN and SAN;
Knowledge of UNIX, Windows Servers and VMware;
Knowledge of Oracle and SQL Databases;
Having at least one of the following certifications is a plus: CISSP, CISA, CISM or ISO 27001;
PCI DSS knowledge and experience is a key differentiator;
ITIL v3 or ISO 20000 certifications are a plus;
Deep knowledge of physical security is a plus;
At least 6 years’ experience in complex Information Security projects or operations, with at least 3 years as an information security senior consultant or as an information security manager;
BS in Electrical Engineering or Computer Science, or another rigorous discipline required. An advanced degree in one of these fields is a plus.