Job Description

Information Security Manager

Responsibilities

Strategic Leadership & Governance

Develop and maintain The Companys enterprise-wide cybersecurity strategy aligned with business objectives and regulatory requirements.
Establish and enforce security governance frameworks, policies, and standards.
Ensure alignment with the NIST Cybersecurity Framework (Identify, Protect, Detect, Respond, Recover) and Joint Security Standards.
Lead the implementation of relevant security compliance initiatives.
Collaborate with divisional CIOs and executive leadership to align security posture across business units.
Monitor emerging threats, regulatory changes, and industry trends to inform strategic decisions.

Architecture & Identity Management

Design secure solutions for hybrid environments (on-premises + Azure).
Integrate security into infrastructure and application projects.
Manage identity and access controls, including Azure AD, MFA, and privileged access management.

Security Operations

Manage day-to-day security monitoring, incident handling, and threat intelligence.
Administer Microsoft 365 security features: Defender for Endpoint, Purview, Sentinel, Conditional Access, etc.
Ensure endpoint, network, and cloud security controls are effectively implemented and monitored.
Implement and enforce BYOD policies, including MDM, DLP, and secure access controls.
Secure branch office networks, including firewalls, VPNs, segmentation, and remote access protocols.

Financial Management

Develop and manage the annual cybersecurity budget, including licensing, tools, training, and consulting services.
Track and report on security-related expenditures, ROI, and risk mitigation outcomes.
Support procurement and vendor management for security solutions.

Cyber Security Operations Center (SOC) Oversight

Oversee 24/7 SOC operations to ensure effective threat detection, incident response, and escalation.
Define SOC roles, workflows, and incident response playbooks.
Integrate SIEM, SOAR, and threat intelligence platforms for proactive defense.
Monitor and improve KPIs such as MTTD (Mean Time to Detect) and MTTR (Mean Time to Respond).
Coordinate with external threat intelligence providers and law enforcement when necessary.

Security Technology Lifecycle Management

Oversee the deployment, maintenance, and upgrade of security technologies including Microsoft 365 E3/E5 and Hailstone platforms.
Ensure timely patching, configuration updates, and feature adoption.
Maintain compatibility and integration of security tools with The Companys hybrid infrastructure.
Document system configurations and update operational procedures regularly.

Risk Management & Compliance

Conduct regular risk assessments, vulnerability scans, and penetration tests.
Ensure compliance with POPIA, GDPR, NIST CSF, JSS, and other relevant regulations and frameworks.
Maintain a risk register and track mitigation actions.
Coordinate internal and external audits and ensure timely remediation of findings.

Awareness, Education & Training

Lead organization-wide cybersecurity awareness programs.
Deliver targeted training for IT, business, and executive teams.
Promote secure behavior and incident reporting culture.

Team Leadership & Culture

Build and lead a high-performing cybersecurity team including SOC analysts, engineers, and compliance specialists.
Define clear roles, responsibilities, and performance expectations.
Conduct regular coaching, performance reviews, and career development planning.
Foster a culture of accountability, innovation, and continuous improvement.
Promote cybersecurity awareness and ownership across all departments.

Reporting

Prepare operational and executive-level reports on security posture, risk exposure, and compliance status.

Minimum Requirements

Bachelors degree in Computer Science, Information Technology, or related field.
8+ years of IT Security experience, with at least 5 years in a leadership role.
Industry-recognized certifications: CISSP, CISM, or equivalent.
Microsoft Certified: Cybersecurity Architect Expert.
GIAC Security Operations (GSOM) or equivalent SOC certification.
Familiarity with scripting (PowerShell, Bash) and automation tools.

About Boardroom Appointments - Global Human and Talent Capital

Boardroom Appointments is a global specialist in Recruitment, Contract Staffing, Project Staffing, Temporary Employment Solutions, Training, HR Consultancy and Expatriate Mobility that operates extensively in Africa, EMEA, America, and Europe.

We have been industry leaders since 1989. Our dynamic team of recruitment and labour professionals has serviced hundreds of clients and placed thousands of candidates in various industries across the globe. We have gained invaluable insight and experience into global market trends and human resource workings.

We have specialized divisions that enhance our ability to service all clients in the following industries:

- FMGC

- Finance, Banking and Insurance

- Manufacturing and Processing

- Oil and Gas, Mining, Engineering and Construction

- Medical, Pharmaceutical and Health Care

- Logistics and Supply Chain

- Information Technology, Media and Telecommunications

- Waste Management and Sanitation Services

- Renewable and Alternative Energy

- Retail and Commercial Property

- Agriculture and Production

- Government and Public Services

- Call Centre and Customer Support Services

Today, Boardroom Appointments has a global candidate database and network, servicing clients around the world with all their Human Capital needs.

This experience allows clients to rely on us FULLY for all their talent needs, both permanent and temporary, while they focus on their core business.

We custom design solutions to perfectly fit our client's recruitment needs and form long-lasting relationships based on quality service and flawlessly fulfilled deliverables.

Our team is comprised of passionate and driven individuals who strive to maintain the best and most professional service to our clients.

We are focused, passionate, and we love what we do.

Industry

Unknown

Company Size

51-200 employees

Headquarters

Bedfordview, ZA

Year Founded

1989

Website

boardroom.co.za

Social Media

Information Security Manager

Job Description

Information Security Manager

Responsibilities

Strategic Leadership & Governance

Develop and maintain The Companys enterprise-wide cybersecurity strategy aligned with business objectives and regulatory requirements.

Establish and enforce security governance frameworks, policies, and standards.

Ensure alignment with the NIST Cybersecurity Framework (Identify, Protect, Detect, Respond, Recover) and Joint Security Standards.

Lead the implementation of relevant security compliance initiatives.

Collaborate with divisional CIOs and executive leadership to align security posture across business units.

Monitor emerging threats, regulatory changes, and industry trends to inform strategic decisions.

Architecture & Identity Management

Design secure solutions for hybrid environments (on-premises + Azure).

Integrate security into infrastructure and application projects.

Manage identity and access controls, including Azure AD, MFA, and privileged access management.

Security Operations

Manage day-to-day security monitoring, incident handling, and threat intelligence.

Administer Microsoft 365 security features: Defender for Endpoint, Purview, Sentinel, Conditional Access, etc.

Ensure endpoint, network, and cloud security controls are effectively implemented and monitored.

Implement and enforce BYOD policies, including MDM, DLP, and secure access controls.

Secure branch office networks, including firewalls, VPNs, segmentation, and remote access protocols.

Financial Management

Develop and manage the annual cybersecurity budget, including licensing, tools, training, and consulting services.

Track and report on security-related expenditures, ROI, and risk mitigation outcomes.

Support procurement and vendor management for security solutions.

Cyber Security Operations Center (SOC) Oversight

Oversee 24/7 SOC operations to ensure effective threat detection, incident response, and escalation.

Define SOC roles, workflows, and incident response playbooks.

Integrate SIEM, SOAR, and threat intelligence platforms for proactive defense.

Monitor and improve KPIs such as MTTD (Mean Time to Detect) and MTTR (Mean Time to Respond).

Coordinate with external threat intelligence providers and law enforcement when necessary.

Security Technology Lifecycle Management

Oversee the deployment, maintenance, and upgrade of security technologies including Microsoft 365 E3/E5 and Hailstone platforms.

Ensure timely patching, configuration updates, and feature adoption.

Maintain compatibility and integration of security tools with The Companys hybrid infrastructure.

Document system configurations and update operational procedures regularly.

Risk Management & Compliance

Conduct regular risk assessments, vulnerability scans, and penetration tests.

Ensure compliance with POPIA, GDPR, NIST CSF, JSS, and other relevant regulations and frameworks.

Maintain a risk register and track mitigation actions.

Coordinate internal and external audits and ensure timely remediation of findings.

Awareness, Education & Training

Lead organization-wide cybersecurity awareness programs.

Deliver targeted training for IT, business, and executive teams.

Promote secure behavior and incident reporting culture.

Team Leadership & Culture

Build and lead a high-performing cybersecurity team including SOC analysts, engineers, and compliance specialists.

Define clear roles, responsibilities, and performance expectations.

Conduct regular coaching, performance reviews, and career development planning.

Foster a culture of accountability, innovation, and continuous improvement.

Promote cybersecurity awareness and ownership across all departments.

Reporting

Prepare operational and executive-level reports on security posture, risk exposure, and compliance status.

Minimum Requirements

Bachelors degree in Computer Science, Information Technology, or related field.

8+ years of IT Security experience, with at least 5 years in a leadership role.

Industry-recognized certifications: CISSP, CISM, or equivalent.

Microsoft Certified: Cybersecurity Architect Expert.

GIAC Security Operations (GSOM) or equivalent SOC certification.

Familiarity with scripting (PowerShell, Bash) and automation tools.

About Boardroom Appointments - Global Human and Talent Capital