Road Accident Fund (RAF) Vacancies

Below are the listed vacancies:

1. SENIOR OFFICER: CORPORATE SOCIAL RESPONSIBILITY
2. Specialist: Cyber Security and Threat Management
3. Security Architect
4. Manager: ICT and Cyber Security Management

SENIOR OFFICER: CORPORATE SOCIAL RESPONSIBILITY

Location: Centurion

Salary: R579 259.00 per annum

Purpose of the Job

• Reporting to the Manager: Corporate Social Responsibility, the successful incumbent is responsible to implement and monitor the overall CSR initiatives including the Employee Volunteerism Plan according to approved CSR framework and standard operating procedures.

Key Performance Areas

Coordinate Processes Related to the Implementation of CSR Initiatives
    Ensure that governance documents are kept up to date Coordinate the implementation of CSR programmes in line with CSR funding criteria.
    Implement initiative according to standard operating procedure.
    Identify projects to be funded for submission to the CSR committee.

Management of Disbursements According to Allocated Budget
    Maintain the budget of specific projects and spend as allocated.
    Monitor the project expenses to ensure they are within limits.
    Match the disbursements to the spend.
    Demonstrate the business value of projects.
    Submit budget related to each project to CSR committee for approval.

Project Management
    Coordinate, facilitate and manage Employee Volunteerism Initiatives in all 5 RAF Regions.
    Plan initiatives related to the Employee volunteerism plan for all regions
    Assess unsolicited funding proposals and make recommendations for qualifying proposals to the manager. 
    Ensure a standardised approach as per SOP for all projects.
    Track, monitor and report on project/s as per award letter.
    Provide advisory services on the initiatives based on allocated projects

Stakeholder Management
    Represent the RAF by meeting with senior stakeholders
    Conduct stakeholder engagements as per project (internal and external).
    Communicate to stakeholder on CSR programmes and activities
    Conduct call for proposals briefing session to shortlisted NPO’s.
    Develop CSR call for proposals content on both Internet & Intranet
    Deal with inquiries and requests for information from both internal and external stakeholders. 

Reporting
    Compile and submit reports on all CSR initiatives. 
    Contribute to the preparation and submission of Regulation reports. 
    Aid in the development of functional reporting systems, for management, project or performance reporting. 
    Report regularly and periodically, perform necessary submissions as and when required to provide progress updates and/or inform management decisions.
    Give input to the annual report

Monitoring and Evaluation
    Record keeping and effective monitoring of RAF funded CSR projects.
    Collate BBBEE documents for verification purposes.
    Ensure that projects are implemented in line with conditions of the Award.
    Contract management to ensure that all stakeholders adhere to contract terms for donations and grants
 

Technical and behavioral competencies required
    Planning, organising and coordinating.
    Personal mastery.
    Judgment and decision making.
    Ethics and values.
    Client service orientation.
    Legislation and Regulatory Knowledge
    Risk Management
    Stakeholder Management
    Reporting 
    Effective Stakeholder management.
    In-depth knowledge of BBBEE codes, NGO and CSR expertise.
    Financial understanding for the purposes of understanding proposals and budget.
    Sound judgment – able to review multiple data sources and make good, assessments and recommendations. 
    Project management skills.
    Excellent written and verbal communication skills.

Desired Experience & Qualification

    Bachelor’s Degree/ Advanced Diploma in Social Science/ Community Development related qualification.
    Relevant 4 years’ experience in Community Development/ Corporate Social Responsibility related environment.
    Project management experience will be an added advantage

Specialist: Cyber Security and Threat Management

Salary- R891 176.00

Purpose of the Job: Reporting to the Manager: ICT and Cyber Security, the successful incumbent is responsible for proactively identifying threats and vulnerabilities; detecting and mitigating cyber events; and managing cyber security incident responses to minimize service impact and provide a secure digital future for the RAF.

Threat Management

• Monitor external threat intelligence sources to stay updated on emerging threats and vulnerabilities.
• Analyze and correlate logs from various sources to identify signs of malicious activity.
• Produce regular threat intelligence reports for senior management and technical teams.
• Identify and maintain activities that provide an understanding of how to manage cybersecurity risks to systems, assets, data, and capabilities.
• Ensure continuous monitoring to provide initiative-taking and real-time alerts of cybersecurity-related events.
• Implement necessary controls that aim to safeguard or protect cybersecurity-related events.
• Assist in defining and implementing the RAF’s processes to record the security incident details.
• Perform research, testing, evaluation, and deployment of security technology and procedures.

Incidence Response

• Lead and participate in the incident response processes, ensuring a swift and effective response to detected threats.
• Coordinate with different departments during incidents, ensuring effective communication and collaboration.

Security Solutions Management

• Deploy, maintain, and optimize various cyber security tools including IDS/ IPS, SIEM, EDR, and Threat Intelligence Platforms.
• Ensure that security tools and solutions are effectively integrated and configured to maximize threat detection and response capabilities.
• Oversee vulnerability scanning and penetration testing activities.
• Collaborate with IT teams to prioritize and remediate identified vulnerabilities.

Cyber Governance

• Conduct formal information security risk analyses, reviews, tests, audits, and/ or selfassessments.
• Implement, Upgrade, maintain and Refine End-to-End Security Monitoring.
• Set-up, execute and maintain security incident management and coordinate process in conjunction with incident management capabilities.
• Analyse security breaches to determine the root cause of the violations and prepare reports that document findings and resolutions.

Policy Review and Implementation

• Contribute to the development and implementation of departmental policy, procedures and processes.
• Keep up to date with effective policy and practice execution strategies.

Reporting

• Design of status reports as well as insight reporting.
• Conduct all monitoring, reviewing, and reporting activities for systems and applications under your control.
• Prepare reports of system violations.
• Develop functional reporting systems, for management, projects, or performance reporting.
• Prepare proposals, briefings, presentations, reports, and other documentation and provide management information verbally and in report format.
•  

Stakeholder Management

• Facilitate and manage communication with relevant internal and external stakeholders in relation to ICT Security related matters and proactively and progressively manage the relationships.
• Provide guidance and support to respective IT operational staff on systems security processes, policies and security controls.
• Manage relationships with service providers or procurement teams and ensure that all relevant procured items are invoiced and paid on time.

Qualifications and Experience

• Bachelor’s Degree/ Advanced Diploma in Computer Science/ Information Systems/ Systems Analysis related qualification.
• Certifications such as CISSP, CISA, GIAC, or CEH are strongly preferred.
• Cisco Certified, Network technician (CCeNT) or related certifications will be an added advantage.
• Relevant 5 – 7 years of experience in cyber governance, risk, controls, and compliance management-related environment.
• Experience with various cyber security tools, platforms, and methodologies.
• Familiarity with different types of threats, vulnerabilities, and attack vectors.
• Management related environment.

Technical and Behavioral Competencies Required 

• Communication.
• Network and alliances.
• Planning, organising and coordinating.
• Employee engagement.
• Ethics and values.
• Change Management.
• Risk management.
• Stakeholder development and relations.
• Reporting.
• Knowledge of legal, regulatory, and privacy requirements.
• Knowledge of Data Loss Prevention, Data Replication, and Disaster Recovery Systems.
• A deep understanding of Technology Security risks and mitigating solutions.
• Knowledge NIST Cybersecurity Framework.
• Knowledge of Centre of Internet Security framework (CIS).
• Knowledge of COBIT 5, ISO27001/2 frameworks.
• Knowledge and appreciation of the wider Cyber Security issues and opportunities beyond the specific domain specialisation.
• Risk assessment skills.
• Microsoft Office Product Suite – Can efficiently utilise the various MS Office.
• Product range such as, MS Outlook, MS Excel, MS Word and MS PowerPoint.
• Operating system Security (MS, UNIX, Linux etc…).
• Database Security.

Security Architect

Salary: R1 028 791.00

Purpose of the Job: Reporting to the Senior Manager: Technology and Digital Security, the successful incumbent is responsible planning and implementing security solutions and architectures that support the organization’s vision, principles, and objectives by anticipating possible security threats and identifying areas of weakness in the Technology and Digital landscape while responding effectively and promptly to potential security breaches. This position requires deep technical knowledge, particularly in cloud environments, to design security solutions and controls for the RAF’s critical systems and data assets.

Duties & Responsibilities

Security Standards and Best Practices

• Research and stay up-to-date with the latest security systems, standards, and authentication protocols.
• Establish and maintain security policies, standards, and guidelines.
• Evaluate emerging security technologies and trends, staying ahead of potential threats.

Security Architecture

• Get a complete picture of the Organisation’s technology and information systems.
• Advocate for integrating security by design principles throughout the software development lifecycle.
• Plan, investigate, and build reliable, powerful and flexible security architectures.
• Review current system security measures and recommend and implement enhancements.
• Provide the project teams with technical leadership on cloud security projects or solutions and implementations.
• Create security standards for all IT assets, such as routers, firewalls, Cloud platforms, and other network devices.
• Establish disaster recovery procedures and conduct a breach of security drills.
• Develop Security Architecture documents for specific projects or programs clearly articulating goals, constraints and rationale for all architecturally significant decisions.
• Ensure security architecture reviews are done periodically to evaluate and address security standards adherence.
• Participate in ICT security awareness within the organization.

Manage Cloud Security Requirements

• Provide expert guidance on cloud security best practices in IaaS, PaaS and SaaS environments.
• Design and implement cloud-native security controls, tools and processes.
• Evaluate, recommend, and implement security tools and services in cloud environments like AWS, Azure and private clouds.

Identify Risks Associated with Business Processes and Systems Architectures

• Evaluate business and technology risks and develop appropriate risk treatment plans.
• Conduct security assessments of vendors, third-party partners and emerging technologies.
• Identify existing business risks related to the implementation of software design.
• Identify compliance requirements.
• Keep up-to-date with the relevant compliance measures or initiatives.

Reporting

• Develop reports or policies or procedures and guide the process through the alignment of the documents to the overall organisations’s Strategy.
• Develop functional reporting systems for management, projects or performance reporting.
• Prepare proposals, briefings, presentations, reports and other documentation and provide management information verbally and in report format.

Stakeholder Management

• Work closely with IT and business teams to meet security requirements without compromising business functionality.
• Advise on security direction and issues to senior management.
• Foster a culture of security awareness across the organization.
• Represent the Fund in relevant external activities.

Qualifications and Experience

• Bachelor’s Degree/ Advanced Diploma in Information Technology or a Computer Science related qualification.
• The Open Group Architecture Framework (TOGAF) certification or Sherwood Applied Business Security Architecture (SABSA), or Information Systems Security Architecture Professional (CISSP-ISSAP) or equivalent, is mandatory.
• Professional certifications such as Certified Cloud Security Professional (CCSP), Cloud Platforms and Infrastructure, etc., are strongly preferred.
• Relevant 5 – 7 years experience in an Architecture related environment.
• Experience in Computer and network systems, cybersecurity, and risk management.
• Experience as a technical lead and architect for security.
• Strong experience with security technologies.
• Have hands-on experience in one or more major cloud technologies (AWS, Azure).
• Experience in cloud security compliance.
• Experience in Cybersecurity risks and threats: Distributed-Denial-of-Service Attacks, Shared Cloud Computing Services, Data Loss, Phishing, and Social Engineering Attacks.
• Experience in the design, implementation, and operation of complex security architecture environments.
• Experience in designing, implementing, and testing IT and cloud security controls.
• Experience in the integration of applications in cloud-based systems is strongly preferred.
• Experience in Applications Security best practices.

Technical and Behavioral Competencies Required

• Communication.
• Network and alliances.
• Planning, organising and coordinating.
• Ethics and values.
• Change Management.
• Risk management.
• Stakeholder development and relations.
• Reporting.
• Quality management.
• Business analysis.
• Requirements and definition management.
• Business requirements.
• Research and Emerging technology monitoring.
• IT Governance.
• ICT security architecture.
• Secure operations and service delivery.
• Information assurance.
• Governance.
• Information security awareness and training.
• Third-party management.
• Vulnerability assessment.
• Business continuity planning.
• The ability to apply architectural principles to business solutions.

Manager: ICT and Cyber Security Management

Salary: R1 028 791.00

Purpose of the Job: Reporting to the Senior Manager: Technology and Digital Security, the successful incumbent is responsible for managing the protection, detection, response, and recovery of information that flows within and outside the organization. The role demands a blend of technical acumen and leadership skills to ensure the seamless and secure operation of all computer systems, related applications, hardware, and software used by the organization.

Duties & Responsibilities

Security Service Operations

• Implement, and monitor a strategic cyber security program to protect enterprise IT assets.
• Stay updated on the latest cyber threats and ensure the organization’s defenses are prepared for evolving risks.
• Implement effective incident response and recovery plans, ensuring the organization can quickly respond to and recover from security incidents.
• Manage the development of periodic reports on security operational excellence.
• Oversee risk assessments regarding cyber security and penetration testing.
• Manage the development of cyber security awareness training for the organization.
• Drive the adoption of best ICT and cyber security practices across the organization.
• Facilitate the deployment of security risk assessment for the entire business and design corresponding mitigation measures.
• Provide technical advice on requirements and specifications for strengthening existing and new building security systems.
• Manage the supervision of hired security personnel to ensure compliance with all security procedures in place and maintain a high standard of physical security.

Policy Review and Implementation

• Contribute to developing and implementing departmental policy, procedures, and processes.
• Keep up to date with effective policy and practice execution strategies.
• Ensure the organization complies with regulatory requirements and industry best practices related to ICT and cyber security.

Reporting

• Development of functional reporting systems, for management, project, or performance reporting.
• Ensure regular and periodic reports are reviewed and submitted as and when required to provide progress updates and/ or inform management decisions.
• Substantial experience in reviewing proposals, briefings, presentations, reports, and other documentation and providing management information both verbally and in report format.

Stakeholder Management

• Facilitate and manage communication with relevant internal and external stakeholders about investments and proactively and progressively manage the relationships.
• Manage relationships with vendors, service providers, or procurement teams and ensure all relevant procured items are invoiced and paid on time.
• Communicate with all levels of stakeholder contact.
• Represent the Fund in relevant external activities and events.

People Management

• Lead, mentor, and develop the ICT and Cyber Security teams, fostering a culture of continuous improvement and innovation.
• Manage resource allocation, including budgeting for system maintenance, upgrades, and security projects.
• Ensure the sourcing, development, and retention of a high-performance team.
• Manage staff in the department to ensure that they achieve their objectives in line with the strategic objectives of the RAF.
• Manage the implementation of human capital processes and procedures to control/regulate workplace conflict and institute corrective measures and consultation processes to address standard deviations.
• Allocate, direct, motivate, and evaluate subordinates to help them achieve their individual goals.

Qualifications and Experience

• Bachelor’s Degree/ Advanced Diploma in Information Technology or Computer Science related qualification.
• A Postgraduate in Information Technology or Computer Science related qualification will be an added advantage.
• Being a Certified Information Systems Security Professional (CISSP), CISM, CISA, or similar certifications is preferred.
• Relevant 6 – 8 years’ experience in an Information Technology/ Risk Management related environment, of which 2 years must have been on a management/ supervisory level/ area of expertise.
• Relevant certifications such as CISSP, CISM, CISA, or ITIL are advantageous.
• Strong understanding of current ICT technologies, cyber security trends, and best practices.

Technical and Behavioral Competencies Required

• Communication.
• Network and alliances.
• Planning, organising and coordinating.
• Ethics and values.
• Change Management.
• Risk management.
• Stakeholder development and relations.
• Reporting.
• Thorough knowledge on Management of Information Secuirty Systems (MISS) and MPSS.
• Knowledge on Information security strategy and management.
• Knowledge on Information security gap, maturity and compliance assessments.
• Information security and/ or privacy awareness and training.
• MS Office Skills.
• Knowledge of National Information Security Policy.
• Knowledge of physical, personnel, document, communication, and IT security.
• Knowledge of principles of security investigations.

Click here to apply

All the best with your applications