Senior Manager: IT Security & Infrastructure

Johannesburg, South Africa

We are currently looking for an IT Manager in our Johannesburg office. Below is a guideline of the role and responsibilities, qualifications and requirements.

Role and responsibilities

Security Management

  • Develop, implement, and maintain a comprehensive IT security program, incorporating industry best practices and aligning with ISO 27001 standards Attend any meetings related to audit engagements for which you are allocated.
  • Regularly review and update security policies, procedures, and controls to address emerging threats and vulnerabilities.
  • Conduct periodic security risk assessments to identify and mitigate potential risks.
  • Ensuring that your planning board, and time recording system, is a true reflection of your activities
  • Manage incident response planning and execution, ensuring timely and effective response to security incidents.
  • Develop and deliver security awareness training programs for employees to promote a security-conscious culture.

Infrastructure Management

  • Design, implement, and maintain a robust and scalable IT infrastructure that supports RSM South Africa's business objectives.
  • Oversee the administration and maintenance of servers, storage, networking, and other infrastructure components.
  • Manage capacity planning and performance monitoring to ensure optimal system performance and availability.
  • Evaluate and implement new technologies to enhance infrastructure efficiency and effectiveness.
  • Develop and maintain disaster recovery and business continuity plans to minimize downtime and data loss in the event of an outage.

Cloud Security and Architecture

  • Develop and implement a comprehensive cloud security strategy that aligns with RSM South Africa's overall security goals.
  • Oversee the secure migration of applications and data to cloud environments (AWS, Azure, or GCP).
  • Implement and manage cloud security controls, such as access management, encryption, and logging.
  • Monitor cloud environments for security threats and vulnerabilities.
  • Ensure compliance with cloud security best practices and industry standards.

Vendor Management and KPI Monitoring

  • Establish and maintain relationships with IT vendors, ensuring adherence to contractual agreements and service level agreements (SLAs).
  • Monitor vendor performance against agreed-upon KPIs and take corrective action as needed.
  • Negotiate contracts and manage renewals with vendors to ensure cost-effectiveness and value for money.
  • Conduct regular vendor security assessments to ensure compliance with RSM South Africa's security requirements.

Department Management

  • Reporting to IT Steering Committee and Executive Leadership.
  • Manage the IT help desk and provide support to end users.
  • Develop and manage the IT budget.
  • Participate in IT strategic planning and decision-making.
  • Stay abreast of emerging IT security threats and technologies.
  • Manage and develop a team of internal IT technicians.

Qualifications and experience

  • Bachelor’s degree in computer science, Information Systems, or a related field.
  • 7+ years of experience in IT security management.
  • 5+ years of experience with cloud security and architecture
  • ISO 27001 Lead Implementer or Lead Auditor certification a plus.
  • CISSP, CISM, or other relevant security certifications.
  • Experience in the professional services industry is a plus.

Skills and competencies

Technical Skills:

  • In-depth knowledge of IT security principles and practices
  • Extensive experience with cloud security and architecture (AWS, Azure)
  • Proven track record of ISO 27001 implementation and compliance
  • Strong understanding of networking, servers, storage, and virtualization technologies
  • Experience with security tools such as firewalls, intrusion detection systems, vulnerability scanners, and SIEMs.

Leadership Skills:

  • Ability to lead and motivate a team of IT professionals
  • Strong communication and interpersonal skills, including the ability to communicate technical concepts to non-technical stakeholders
  • Ability to build relationships and collaborate effectively with stakeholders at all levels
  • Strong problem-solving and decision-making skills
  • Ability to prioritize and manage multiple tasks simultaneously

Business Skills:

  • Understanding of business operations and risk management
  • Ability to align IT security and infrastructure with business goals
  • Strong project management skills
  • Experience with IT budget development and management
  • Strong negotiation skills

To apply

To apply for this role, please send your CV to [email protected].  Should you not hear from us within 2 weeks please consider your application unsuccessful.