Trust Administrator Jobs in Western Cape

About the job

Closing Date2023/03/10 Reference NumberMMH221117-5 Job TitleInformation Security Operations Manager Position TypePermanent Role FamilyInformation Technology ClusterHealth Solutions Remote OpportunitySome of the time Location – CountrySouth Africa Location – ProvinceWestern Cape Location – Town / CityBellville Introduction

Momentum Health Solutions (MHS), an entity of the Momentum Metropolitan Group (MMG), delivers sustainable, integrated health solutions that meet the needs of clients in the different segments to maximise lifetime client value. We build and maintain a culture of innovation and create value through unique insights of how to achieve specific outcomes by using a defined set of Health capabilities. This is an operational role and is based at our Head Offices in Parc du Cap, Bellville, Cape Town.

Role Purpose

The organization is looking for a highly motivated individual who is able to work at in a mid-level leadership level to ensure that Information Security management controls within the IT Business Unit operations capability are well managed and operate within the risk appetite of the Health business and that of the Momentum Metropolitan Group.

The role will be positioned within the Health Business Unit IT Operations team who report into the Head of Business Unit IT Operations. The team’s purpose is to ensure that IT operations for the business unit are stable, operate as expected and are secure.

The candidate is accountable for the oversight and execution of the information security and cyber controls implemented within the Health Business Unit technical ecosystem and will work with the Momentum Health Solutions IT Governance and Risk team to ensure that the Information Security strategy is clearly understood and that information security controls are implemented as required by the Information Security Management System adopted against ISO27001.

The candidate is required to work with the IT management team to bring clarity to the IT operation staff on the intention and requirements of the ISMS. In terms of operational execution, the candidate will carry the responsibility of working closely with control owners to ensure that identified Information security risk is treated and that controls operate as designed.

Requirements

• Tertiary education. Relevant certification or National Diploma will suffice.
• A minimum of 7 years’ technical IT operations experience, 3 years of which should be at team leader or specialist level.
• Must have managed or participated (at least a team leader) on an initiative to implement an international standard for operational management controls.

Desired Skills

• Information Security
• Risk Management
• Stakeholder Management
• Analytical And Problem Solving
• Communication (written and verbal)
• Computer Literacy

Desired Work Experience

• Health industry – administration of medical aids
• Outsource or supplier of IT services – systems of record, infrastructure or development services
• Client service industry – provision of IT services to call centers

Duties & Responsibilities

• Monitor, track, and direct reporting on the execution of Information Security management controls.
• Ensure that the technical team understand ownership responsibilities and activities required to treat IS risk and implement management controls.
• Support control owners at a technical level during the design and implementation of new controls.
• Consult with the Information Security Officer as well as technical specialists on the appropriate treatment of Information and Cyber risk.
• Participate in the review and establishment of Information Security management controls.
• Responsible for the maintenance of a Risk and Controls Register for Information Security work.
• Represent the single point of accountability and contact for operational security controls.
• Ensure that evidence is retained, centrally stored and available for audit purposes.
• Engage at a management level on matters of IS Risk as required by the management team.
• Participate in Information Security due diligence work associated with the adoption of SaaS, IaaS or during acquisition of new business partners or 3rd party suppliers.
• Be responsible for ensuring the Cyber Security controls as prescribed by Momentum Metropolitan Health (SANS CIS CSC) are applied and managed within the Health Business.
• Be responsible for ensuring the Technology and Information related controls as guided by ISO27002 :2022 are applied and managed within the Health Business.
• Support the Health Cyber Response team during cyber incidents.
• Work with the Group Information Security team to ensure that Health participates and executes on group driven information security initiatives and projects.
• Support the incident response team with facilitation and writing of Root Cause reports.

Competencies

• Knowledge and experience implementing and monitoring information security operational controls against best practice standards.
• Stakeholder management – across all levels of an organisation
• In-depth understanding of relevant legislation, policies, procedures, processes, practices related to information security, and risk management
• Experience with report writing and presentation.
• Organisational, analytical, interpersonal, and problem-solving skills
• Outstanding communication skills (both verbal and written)
• Excellent computer literacy and experience in the application of software tools including (MS Word, PowerPoint, Excel, Internet and Outlook