JOB TITLE: MANAGER: ICT SECURITY AND GOVERNANCE
CONTRACT TYPE: PERMANENT
JOB GRADE: COMPETITIVE SALARY ALIGNED TO NHBRC SALARY GRADES
REPORTING TO: CHIEF INFORMATION OFFICER
SECTION: BUSINESS MANAGEMENT SOLUTIONS
LOCATION: HEAD OFFICE, SUNNINGHILL JHB
KEY DELIVERABLES
The Manager: ICT Security and Governance is responsible for developing, implementing, and overseeing the organisation’s ICT security and governance strategies to safeguard systems, data, and infrastructure.
The Individual will primarily be responsible for, but not limited to the following:
• Develop and implement a comprehensive ICT security strategy aligned with organizational goals.
• Oversee the deployment and management of cybersecurity technologies, including firewalls, intrusion detection/prevention systems, endpoint protection, and SIEM solutions.
• Identify, assess, and mitigate cybersecurity threats and vulnerabilities.
• Establish and enforce ICT security policies, standards, and procedures.
• Manage and test disaster recovery (DR) and business continuity plans (BCP) to ensure resilience against cyber incidents.
• Develop and implement ICT governance frameworks, policies, and processes in alignment with industry best practices (e.g., COBIT, ITIL).
• Ensure the organization complies with applicable laws, regulations, and standards, such as ISO 27001, POPIA, GDPR, or other relevant frameworks.
• Collaborate with business units to align ICT governance with corporate governance and strategic objectives.
• Provide strategic oversight and leadership to the Project Management Office (PMO) to ensure the efficient execution of all ICT projects in alignment with established project management methodologies, standards, and best practices.
• Conduct regular audits and reviews of ICT systems, processes, and compliance adherence.
• Establish a risk management framework to identify, analyze, and address ICT security and governance risks.
• Monitor and report on ICT risks, incidents, and mitigation measures to senior management and the board.
• Lead the development of security awareness training programs for employees to minimize human risks.
• Collaborate with Audit, Risk, Governance and Compliance functions in respect of monitoring and implementing compliance processes
• Lead and mentor the ICT Security and Governance team, fostering a culture of accountability, innovation, and excellence.
• Manage relationships with external vendors and partners, ensuring the delivery of security services and solutions within agreed SLAs.
• Drive collaboration with other departments to ensure security and governance are embedded in all ICT initiatives.
• Establish security monitoring tools and processes to proactively detect and respond to incidents.
• Provide regular reports on ICT security, compliance, and governance metrics to stakeholders.
• Ensure effective incident response plans are in place and lead investigations into significant security breaches.
• Stay informed of emerging cybersecurity threats, trends, and technologies.
• Recommend and implement innovative solutions to enhance the organization’s ICT security posture and governance capabilities.
• Responsible for functional budget and overall financial management of the ICT security and governance Section
• Manage ICT security and governance Service Level Agreements (SLA) with service providers
• Ensure cost optimisation measures are in place within the Section
• Implement and effectively manage the approved budgets, procurement plans, report variances, and monitor the implementation of remedial actions to minimise impact
• Build client relations by demonstrating professionalism, appropriate self-confidence, a facilitative communication style, and constructive response to client needs
• Maintain positive interpersonal relationships with team members and others by demonstrating productivity, initiative and flexibility
• Educate management on ICT security and governance concepts by using internal control frameworks and other leading practices to design adequate and effective internal controls
• Establish and maintain lines of communication and systems of reporting within the organisation
• Make presentation on ICT security and governance activities within the NHBRC
MINIMUM REQUIREMENTS:
• Bachelor’s degree in Computer science, Information Security or Information Technology
• Minimum of 5 years of experience in management of Enterprise ICT security environment.
• At least one of the following:
o CISSP (Certified Information Systems Security Professional)
o CISM (Certified Information Security Manager).
o CRISC (Certified in Risk and Information Systems Control).
o CEH (Certified Ethical Hacker)
o ISO 27001 certification.
• Proven experience in implementing security frameworks, policies, and ICT governance best practices.
• Deep knowledge of cybersecurity technologies (e.g., SIEM, endpoint protection, firewalls, and threat intelligence platforms).
• Proficiency in ICT governance frameworks such as COBIT, ITIL, and ISO 27001.
APPOINTMENT:
The above-mentioned position will be offered on a permanent basis with a Total Cost To Company package.
ENQUIRIES:
Please note the following contact details are for enquiries about JOB CONTENT ONLY and NOT for application purposes.
Mr. Jabulani Ntshani
Tel: (011) 317 0496
CLOSING DATE: 22 April 2025
APPLICATION PROCESS:
Please email your CV to recruitment@nhbrc.org.za with “Manager: ICT Security and Governance” in the subject line. Applicants are informed that correspondence will be limited to short-listed candidates only. If notification of an interview is not received within 1 month after the closing date, candidates may regard their application as unsuccessful.
Disclaimer: The National Home Builders Registration Council (NHBRC) will consider all applications in terms of its Employment Equity Plan. The NHBRC reserves the right not to make an appointment. Candidates will be subjected to appropriate psychometric testing and other selection instruments. In conjunction to merit on the basis of qualifications, experience and proven achievements the National Home Builders Registration Council is committed to providing equal employment opportunities for persons with disabilities and those individuals from the historically disadvantaged groups.