Lead: Threat Management

The Road Accident Fund’s mission is to provide timely and equitable assistance to those affected by motor vehicle accidents through the provision of appropriate social benefits to ensure financial relief and recovery for qualifying individuals.

Purpose of the Job: Reporting to the Manager: Cyber Security Operations, the successful incumbent is responsible for proactively identifying threats and vulnerabilities, detecting and mitigating cyber events and managing cyber security incident responses to minimize service impact and provide a secure digital future for the RAF.

Key Performance Areas

Threat Intelligence and Analysis

• Monitor external threat intelligence sources to stay updated on emerging threats and vulnerabilities.
• Analyze and correlate logs from various sources to identify signs of malicious activity.
• Identify and maintain activities that provide an understanding of how to manage cybersecurity risks to systems, assets, data, and capabilities.
• Ensure continuous monitoring to provide proactive and real-time alerts of cybersecurity-related events.
• Implement necessary controls that aim to safeguard or protect cybersecurity-related events.
• Assist in defining and implementing the RAF’s processes to record the security incident details.

Incident Response

• Lead and participate in the incident response processes, ensuring a swift and effective response to detected threats.
• Coordinate with different departments during incidents, ensuring effective communication and collaboration.

Security Solutions Management

• Ensure that security tools and solutions are effectively integrated and configured to maximize threat detection and response capabilities.
• Oversee vulnerability scanning and penetration testing activities.
• Collaborate with IT teams to prioritize and remediate identified vulnerabilities.

Cyber Governance

• Conduct formal information security risk analyses, reviews, tests, audits, and self-assessments.
• Set up, execute and maintain security incident management and coordinate process in conjunction with incident management capabilities.
• Analyse security breaches to determine the root cause of the violations and prepare reports that document findings and resolutions.

Policy Review and Implementation

• Contribute to developing and implementing departmental policy, standards and procedures, and processes.
• Keep up to date with effective policy and practice execution strategies.
• Develop Threat Inteligence standard guidelines and procedures.

Reporting

• Design status reports as well as insight reporting.
• Conduct all monitoring, reviewing, and reporting activities for systems and applications under your control.
• Prepare reports of system violations.
• Develop functional reporting systems, for management, projects, or performance reporting.
• Regularly assess cyber risks associated with organizational assets and operations.

Stakeholder Management

• Facilitate and manage communication with relevant internal and external stakeholders in relation to investments and proactively and progressively manage relationships.
• Provide guidance and support to respective IT operational staff on systems security processes, policies, and security controls.

People Management

• Ensure that good employee relations are maintained.
• Provide ongoing operational support to employees.
• Ensure that allocated resources are used optimally through enforcing monitoring systems in place.

Qualifications and Experience

• Bachelor’s Degree/ Advanced Diploma in Computer Science/ Information Systems/ Systems Analysis related qualification.
• CISSP/ CISA/ GIAC or CEH certifications are advantageous.
• Cisco certified/ Network Technician (CCeNT) or related certifications will be an added advantage.
• Relevant 5 - 7 years of experience in cyber governance, risk, controls and compliance management related environment of which 2 years must be on a supervisory level.
• Experience with various cyber security tools, platforms, and methodologies.

Technical and behavioral competencies required.

• Communication.
• Network and alliances.
• Planning, organising and coordinating.
• Ethics and values.
• Change Management.
• Risk management.
• Stakeholder development and relations.
• Reporting.
• Knowledge of legal, regulatory, and privacy requirements.
• Knowledge of Data Loss Prevention, Data Replication, and Disaster Recovery Systems.
• Possess thorough knowledge of technology security risks and effective solutions for mitigating them.
• Knowledge NIST Cybersecurity Framework.
• Knowledge of the Centre of Internet Security Framework (CIS).
• Knowledge of COBIT 5, ISO27001/2 frameworks.
• Have a comprehensive understanding and recognition of the broader Cyber Security concerns and possibilities outside of one's specific area of expertise.
• Risk assessment skills.
• Microsoft Office Product Suite - Can efficiently utilize the various MS Office—product range such as MS Outlook, MS Excel, MS Word, and MS PowerPoint.
• Operating system Security (MS, UNIX, Linux, etc.).
• Database Security.
• Familiarity with different types of threats, vulnerabilities, and attack vectors.

NB: “RAF offers Total Employment Cost packages with no additional contributions from the Employer, successful candidates are required to structure their packages in a manner that will suit their needs”.

The Road Accident Fund subscribes to the principles of employment equity and preference will be given to People with Disabilities.

Applicants who have not received any correspondence from us within six weeks from the closing date can consider themselves unsuccessful.

Security Vetting shall be conducted on all prospective employees.

It is the applicants’ responsibility to have foreign qualification evaluated by the South African Qualification Authority (SAQA) and to provide proof of such evaluation.