Aviation Security Risk Management Specialist

The South African Civil Aviation Authority (SACAA) has an exciting opportunity in our Aviation Security department. We are looking for a talented individual with the relevant skills and experience who will:
- develop and manage an Aviation Security Risk Management System.
- develop and monitor Cyber Security Governance Framework, incorporating norms and standards for managing cyber security within the aviation industry.
- ensure SACAA achieves its objectives and goals of protecting civil aviation data systems from malicious electronic attacks (unlawful interference) and developing means to deal with the consequences of such attacks.
**AVIATION SECURITY RISK MANAGEMNET FRAMEWORK**
- Develop and maintain an Aviation Security Risk Management Framework for the South African Aviation industry.
- Guide the South African Aviation industry on the implementation of a security risk framework and risk management.
- Establish and manage a security risk assessment and the mitigation process for the aviation industry.
- Establish a security data collection and analysis system.
- Maintain the Aviation Security National Risk Context Statement up to date and collate data to inform the Statement.
- Engage all stakeholders on prevailing aviation security risks as well as mitigation measures to be implemented periodically.
**AVIATION CYBER SECURITY FRAMEWORK OVERSIGHT AND REVIEW**
- Develop and oversee the implementation of the cybersecurity framework and strategy, and overarching aviation risk strategy, ensuring effective implementation across the civil aviation industry.
- Receive and review for approval Cyber Security Strategies and DRP periodically from aviation industry stakeholders.
- Lead the identification, implementation, and mitigation of security mechanisms.
- Participate in the development of future standards and requirements in collaboration with industry peers.
- Lead, develop, manage and maintain the cybersecurity governance deliverable lifecycle including ICAO standards.
**MANAGEMENT OF CYBER SECURITY INCIDENTS**
- Develop and implement security incident management, response, and recovery strategies.
- Advise the Operators on the potential impact on cyber governance/risk/compliance requirements.
- Provide support for the implementation of risk mitigation strategies when required.
**MANAGEMENT OF THE NON-CONFORMANCE REPORTING SYSTEM AND DATABASE**
- Manage the development and monitoring of the non-conformance database, and analysis of trends.
- Communicate with Operators on new trends and threads concerning cyber security in the aviation environment.
**LIAISON AND CONSULTATION**
- Establish a consultative structure for the aviation industry
- Develop strategy and monitor implementation
- Provide feedback to SACAA
- Participate in relevant structures within the aviation industry, risk management and cyber security
**M**inimum Qualification**:
- National Diploma or equivalent NQF Level 6 qualification in Computer Science/ Information Technology or related qualification
- Risk Management certificate would be advantageous
**Ideal Qualification**:
- Cyber Security certification (CISM, CISA, CISSP)
- Quality Management certificate
- Information Security certification
**Experience**:
- 5 years Risk Management including Cyber Security
**Closing Date**: