Senior Manager Information & Cyber Security

Listing reference: agsa_000091
Listing status: Online
Apply by: 23 July 2026
Position summary
Industry: IT & Internet
Job category: IT-Architecture
Location: Pretoria
Contract: Permanent
EE position: Yes
Introduction
The Senior Manager: Information & Cyber Security is responsible for establishing and maintaining the enterprise vision, strategy, architecture, and a multi-year roadmap that ensures that the company’s information assets are adequately protected. A key element of this role is communicating information security at a strategic level to executive management (Exco), the Audit Committee, and the ICT Steering Committee and evangelizing information security awareness across the business to drive adoption of security best practices. This position reports to the Business Unit Leader: ICT
Job description

Strategic Function
  • Provide strategic inputs to the strategy of the business unit (BU) and manage the output of the centre to ensure implementation of the BU balance score card (BSC) initiatives.
  • Develop and implement a strategic, long-term information security strategy and roadmap to ensure that AGSA’s information assets are adequately protected.
  • Ensure the integrity, confidentiality, availability and accessibility of information and systems by authorised users based on appropriated standards.
Product Management
  • Lead the information risk management for the AGSA.
  • Responsible for establishing and maintaining the enterprise vision, strategy, and security program to ensure information assets and technologies are adequately protected.
  • Direct staff in identifying, developing, implementing, and maintaining processes across the enterprise to reduce information an IT risks.
  • Manage the development, implementation, and maintenance of the AGSA’s information security and privacy policies, standards, guidelines, baselines, processes, and procedures in compliance with state and federal regulations and standards.
  • Develop and lead the AGSA’s incident response and investigation procedures and processes.
  • Provide support in the development of disaster recovery and business continuity plans and procedures.
  • Serve as a member of the leadership team and communicating security related concepts to a broad range of technical and non-technical employees.
  • Lead the AGSA information security program; monitoring and reporting on information security activities and compliance across all business units.
  • Perform security assessments on the acquisitions of technology products, tools, and services.
    Provide guidance and advocacy of security issues regarding prioritization of infrastructure investments that impact information security.
  • Develop contingency plans and manage security breaches.
  • Monitor information security trends and keeping AGSA senior management informed about security related issues and activities.
  • Lead the evaluation, selection and implementation of information security solutions that are innovative, cost-effective, and minimally disruptive.
  • Lead incident response planning and the investigation of security breaches, and assist with any associated disciplinary, public relations and legal matters.
  • Review ICT audit reports and follow up with information security audit findings owners in respect of actions to close the findings.
  • Facilitate the resolution of information security audit / compliance exceptions.
  • Act as the champion for the enterprise information security program and foster a security-aware culture
  • Create and maintain reporting, problem resolution, and other tasks necessary for continuous improvement and evolution of information security risk management and compliance services.
Stakeholder management
  • Chair the information security forum or task team to monitor and respond to information security events and incidents.
  • Partner with enterprise architects, infrastructure, and applications teams to ensure that technologies are developed and maintained according to security policies and guidelines.
  • Develop and maintain key relationships within the ICT management team and staff, the Office of the CIO and Risk and Ethics team (Enterprise Risk Management) and AGSA internal and external auditors
  • Working with AGSA Enterprise Risk management and IT functional area owners to satisfy internal and external audit requirements.
  • Build and maintain positive and value-adding relationships with internal and external stakeholders.
  • Create strategic partnerships with relevant stakeholders to enhance product development and conduct continuous and regular environmental scanning to enhance products and AGSA value proposition.
  • Scan the environment to ensure a clear understanding of internal stakeholder needs.
  • Communicate the (ICT) strategy and objectives to both internal and external stakeholders to ensure understanding of these by all relevant stakeholders.
  • Liaise with stakeholders and ensure that the organisation remains relevant and in-line with industry standards.
  • Provide support and guidance to internal stakeholders on products design and meet their requirements.
  • Engage with both internal and external stakeholders to identify and evaluate performance barriers and success in order to continuously improve on the service delivery.
  • Ensure a well-considered value chain among colleagues within the BU and ensure complementarity of work and promote teamwork.
  • Manage service level agreements (SLAs).
People Management
  • Cascade the BU BSC at centre level.
  • Provide leadership and direction for the centre and manage team performance to drive productivity.
  • Motivate, coach and mentor staff to ensure maximum productivity and development of the staff to their full potential.
  • Determine the mix and level of capability required to enable the centre to support BU and organisational objectives.
  • Contribute to transformation/culture plans.
Financial management and operational management
  • Compile the centre budget and contribute to the development of the business unit’s budget.
  • Manage the centre expenditure.
  • Ensure compliance with internal processes and procedures.
  • Manage supply chain processes.
  • Contribute to the risk assessment activities in the BU.
Other responsibilities (Applicable to All JD’s)
  • Perform and/or manage other projects, tasks and assignments not stipulated on the Job description as and when required.

Minimum requirements

Formal Education
This position requires a minimum qualification of a Bachelor’s Degree (NQF level 7) in Computer Science / Information Technology or equivalent qualification. The certifications in CCISO or CISA or CISM or CISSP or any other security related certification will be an added advantage.
 
Experience
Minimum of at least 10 years of IT Security or Cybersecurity experience or IT Security Compliance or IT Security Governance and 5 years of managerial experience. A proven track record in developing information security policies and procedures, and successful execution.
 
Closing Statement
The AGSA is not responsible for the verification of data provided and shall not be liable for any errors, factual, transcription or otherwise, contained in the information posted. Therefore, ensure that your online application and CV is correct, accurate and up to date.
To successfully upload documents on the career site, ensure that the document name does not contain any special characters.
This appointment is subject to the preferred candidate obtaining the necessary security clearance, reference checking and competency assessment. We embrace and committed in achieving employment equity within the organisation. Auditor General welcomes applications from all persons with disabilities
Closing date: 22 July 2026
NB: Please note that only shortlisted candidates will be contacted. Should you not hear from us within four weeks, kindly consider your application unsucessful.

Our website uses cookies so that we can provide you with the best user experience. By continuing to use our website, you agree to our use of cookies.