Senior Manager: Information Systems Audit (Cybersecurity)

Formal Education: This position requires a minimum qualification of National Qualifications Framework (NQF) Level 8 (i.e. 4-year Bachelors Degree/ National Diploma Postgraduate Diploma), e.g. B Com with specialisation in Auditing and/or Information Technology Certified Information Systems Auditor (CISA) or equivalent (e.g., a recognised IT auditing certification) At least one of the following: Offensive Security Certified Professional (OSCP) or equivalent (e.g., CEH) Certified Incident Handler (ECIH/ GCIH) or equivalent (e.g., CRIA) Experience: Minimum of 6 years experience post qualification with at least 4 years experience operating at a manager/middle management level Extensive experience in managing cybersecurity and network security audits, with a strong understanding of networked environments that support various application hosting infrastructures, including Windows-based operating systems, as well as MSSQL and Oracle databases Extensive experience in conducting cybersecurity maturity assessments, particularly within the Southern African context. This includes a strong ability to position insights and control recommendations for clients, guided by leading frameworks such as NIST CSF, ISO 27001/2, CIS, and COBIT System Analysis: Deep understanding of Penetration testing (pen-testing) methodologies (e.g., MITRE ATT&CK) and ethical hacking principles Deep understanding of a cyberattack incident response, incident response frameworks (NIST 800-61, SANS PICERL), and forensic analysis (post-incident investigation)