Information Security Officer
Job description
TASKS AND RESPONSIBILITIES:
Strategy & Planning
· Create and maintain Kalagadi’s security architecture design.
· Create and maintain Kalagadi’s security awareness training program.
· Create and maintain Kalagadi’s security documents (policies, standards, baselines, guidelines and procedures).
· Be a key contributor in the development and maintenance of Kalagadi’s Business Continuity Plan and Disaster Recovery Plan.
Acquisition & Deployment
· Maintain up-to-date knowledge of Information Security best practice in the mining industry, including awareness of new/improved security solutions and processes, as well as the development of new attacks and threat vectors.
· Recommend and lead the acquisition of security solutions and services to improve the overall enterprise security posture.
· Oversee the deployment, integration and configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures and the enterprise’s policies, procedures and standards.
Operational Management
· Ensure the confidentiality, integrity and availability of the data residing on or transmitted to/from/through IT/OT devices and networks.
· Ensure the enforcement of Information Security policies, procedures and baseline standards.
· Supervise all investigations into suspected and confirmed data/privacy compromise and breaches.
· Supervise the design and execution of vulnerability assessments, penetration tests and security audits.
· Perform regular security awareness training for all employees to ensure consistently high levels of awareness, competence and compliance with best practice and approved policies.
· Engage in ongoing communications with peers and stakeholders to ensure enterprise-wide education and understanding of information security risks.
FUNCTIONAL KNOWLEDGE:
· Extensive experience in IT and OT Information Security architecture design.
· Extensive experience in information security governance.
· Strong understanding of SIEM, SOAR, XDR and EDR technologies.
· Knowledge of common attack vectors, TTPs (Tactics, Techniques, and Procedures), and cybersecurity frameworks (e.g., MITRE ATT&CK, NIST, ISO 27001).
· Fundamental understanding of operating systems (Windows, Linux), networking concepts (IP, DNS, TCP/IP), and common security protocols.
· Experience in designing and/or implementing comprehensive employee security awareness training.
· Experience in managing staff and third-party suppliers.
· Technical knowledge of industrial control systems, e.g. SCADA/PLC.
· Familiarity with cloud platforms (Azure, M365, AWS, GCP, etc.).
PERSONAL ATTRIBUTES:
· Proven analytical and problem-solving abilities.
· Ability to effectively prioritise and execute tasks in a high-pressure environment.
· Good written, oral, and interpersonal communication skills.
· Ability to present ideas in business-friendly and user-friendly language.
· Highly self-motivated and directed.
· Keen attention to detail.
· Team-oriented and skilled in working within a collaborative environment.
BEHAVIOURAL COMPETENCIES
Embodying conduct and an approach rooted in the Afrocentric value system of Ubuntu, which seeks to promote Kalagadi’s core values, which are DIRECT, deliberate and outcomes-oriented:
❖ Dignity
❖ Integrity
❖ Respect
❖ Ethics
❖ Collaboration
❖ Transparency
Minimum requirements
MINIMUM REQUIREMENTS (Qualifications and experience)
- National Senior Certificate (Matric)
- University Degree in the field of Computer Science or related qualifications (NQF 7). A postgraduate qualification is advantageous.
- One or more of the following certifications:
  - ISACA Certified Information Security Manager
  - ISC2 CISSP
- Minimum 7 years’ practical experience in an Information Security role.
- Minimum 3 years’ experience in a Team Lead or managerial role.
- A valid code B/EB driver’s licence