(497) Technical Cyber Security Consultant X2 - BSTD

Brief description

The main purpose of this position is to provide consulting services on the evaluation and development of security controls and drive security design deliverables aligned with architectural artifacts, and to critically evaluate current security controls. 

Detailed description

The successful candidate will be responsible for the following key performance areas:

• Advise and drive security minded thinking to ensure effective consideration of security control objectives across the SARB Group, while optimising processes.
• Provide technical direction, oversight, coaching and mentoring to BSTD team members in the operational and development landscape regarding security controls, ensuring the delivery of secure implementations.
• Define, design and optimise effective security mechanisms that enable secure business processes.
• Research and stay abreast of the threat landscape and the latest developments to mitigate cyber and system security risks, aligned to governance controls for systems on-premises and in the cloud.
• Identify security requirements, from business requirements, and define and guide the development and maturing of controls to enable a mitigated business risk.
• Liaise with security architects and technical teams as well as security service providers to share best practices and insights both within SARB Group and the industry.
• Assess the effectiveness and completeness of existing architectural artifacts and security patterns and provide direction on artifacts and pattern expansion in order to reduce the SARB Group’s risk posture.
• Evaluate implemented security controls and mechanisms for their effectiveness and identify gaps to improve and extend the use of such controls.
• Guide and ensure effective compliance measurement interpretation in order to ensure effective SARB Group risk posture reporting across all domains.
• Create, and provide input into the maintenance and definition of, security policies, frameworks and standards in accordance with corporate governance including the Bank’s policies, procedures and other legislative requirements.
• Develop and evaluate Requests for Information (RFIs) and Requests for Proposals (RFPs) for security specific solutions and provide guidance on security requirements for business solutions.
• To act on management requests to address or mitigate risks in the SARB Group environment as identified.
• To play a consulting role in responding to critical security incidents within the SARB Group as a member of the Incident Response team (CSIRT).

Job requirements

To be considered for this position, candidates must be in possession of:

• A minimum of a BSc. Computer Science Honours / BSc. Engineering Honours (NQF 8) plus Industry specific qualifications OR equivalent;
• CISSP qualification is required.
• 8–10 years’ experience in an information security function with at least 3-5 years of job-related experience in application/infrastructure/cloud security design and consultation.

Additional requirements include:

• Other industry specific qualifications such as SSCP, CCSP, CSSLP, CISM, TOGAF etc.  will be advantageous to aid in the selection of the focus area between applications and infrastructure both on premises and cloud.
• Application security design.
• Data security design.
• Infrastructure security design.
• System integration.
• ICT industry standards.
• Information security.
• Services design.
• Architecture views and viewpoints design.
• Threat and Risk Analysis.
• IT governance, risk and compliance.
• Security frameworks and standards such as ISO 27000-series, NIST, etc.

In line with the SARB’s commitment to diversifying its workforce, preference will be given to suitable candidates from designated groups. People with disabilities are welcome to apply.

The SARB offers remuneration and benefits commensurate with the level of the position and in line with the market. The level at which the successful applicant will be appointed will depend on his/her competence and experience.

About SARB

 

Primary mandate of the SARB

 

Section 224 of the Constitution of South Africa states the mandate of the SARB as follows:

The primary object of the South African Reserve Bank is to protect the value of the currency in the interest of balanced and sustainable economic growth in the Republic.

The South African Reserve Bank, in support of its primary objective, must perform its functions independently and without fear, favour or prejudice.

 

WHAT WE DO

 

Monetary Policy

 

The Constitution gives the SARB the mandate to protect the value of the rand. We use interest rates to keep inflation low and steady.

 

Financial Stability

 

The SARB has a mandate to protect and enhance financial stability. We identify and mitigate systemic risks that might disrupt the financial system.

 

Prudential Regulation

 

The Prudential Authority regulates financial institutions and market infrastructures to promote and enhance their safety and soundness, and support financial stability.

 

Financial Markets

 

Open market operations are the main tool we use to implement monetary policy. We manage South Africa’s gold and foreign exchange reserves.

 

Financial Surveillance

 

The SARB is responsible for regulating cross-border transactions, preventing the abuse of the financial system and supporting the regulation of financial institutions.

 

Payments and Settlements

 

The SARB is responsible for ensuring the safety and soundness of the national payment system, which is the backbone of South Africa’s modern financial system.

 

Statistics

 

The SARB provides important economic and financial statistics that present an overview of the economic situation in South Africa.

 

Research

 

Research conducted by the SARB focuses on economics, financial stability, banking and emerging trends in finance. Our research supports policy decision-making.

Banknotes and Coin

 

The SARB has the sole right to make, issue and destroy banknotes and coin in South Africa.