Aviation Security Risk Management Specialist

Aviation Security Risk Management Specialist

SACAA | Midrand, GT, ZA

Posted 22 days ago

Apply Now

Description


Aviation Security Risk Management Specialist
SACAA
2023-01-13 Midrand

Job Ref #: SA-28
Industry: Aviation
Job Type: Permanent
Positions Available: 1
PURPOSE OF THE JOB The South African Civil Aviation Authority (SACAA) has an exciting opportunity in our Aviation Security department. We are looking for a talented individual with the relevant skills and experience who will develop and manage an Aviation Security Risk Management System.



Job Description


PURPOSE OF THE JOB

The South African Civil Aviation Authority (SACAA) has an exciting opportunity in our Aviation Security department. We are looking for a talented individual with the relevant skills and experience who will:

develop and manage an Aviation Security Risk Management System.
develop and monitor Cyber Security Governance Framework, incorporating norms and standards for managing cyber security within the aviation industry.
ensure SACAA achieves its objectives and goals of protecting civil aviation data systems from malicious electronic attacks (unlawful interference) and developing means to deal with the consequences of such attacks. 

AVIATION SECURITY RISK MANAGEMNET FRAMEWORK

Develop and maintain an Aviation Security Risk Management Framework for the South African Aviation industry.
Guide the South African Aviation industry on the implementation of a security risk framework and risk management.
Establish and manage a security risk assessment and the mitigation process for the aviation industry.
Establish a security data collection and analysis system.
Maintain the Aviation Security National Risk Context Statement up to date and collate data to inform the Statement.
Engage all stakeholders on prevailing aviation security risks as well as mitigation measures to be implemented periodically.

AVIATION CYBER SECURITY FRAMEWORK OVERSIGHT AND REVIEW

Develop and oversee the implementation of the cybersecurity framework and strategy, and overarching aviation risk strategy, ensuring effective implementation across the civil aviation industry.
Receive and review for approval Cyber Security Strategies and DRP periodically from aviation industry stakeholders.
Lead the identification, implementation, and mitigation of security mechanisms.
Participate in the development of future standards and requirements in collaboration with industry peers.
Lead, develop, manage and maintain the cybersecurity governance deliverable lifecycle including ICAO standards.

MANAGEMENT OF CYBER SECURITY INCIDENTS

Develop and implement security incident management, response, and recovery strategies.
Advise the Operators on the potential impact on cyber governance/risk/compliance requirements.
Provide support for the implementation of risk mitigation strategies when required.

MANAGEMENT OF THE NON-CONFORMANCE REPORTING SYSTEM AND DATABASE

Manage the development and monitoring of the non-conformance database, and analysis of trends.
Communicate with Operators on new trends and threads concerning cyber security in the aviation environment.

LIAISON AND CONSULTATION

Establish a consultative structure for the aviation industry
Develop strategy and monitor implementation
Provide feedback to SACAA
Participate in relevant structures within the aviation industry, risk management and cyber security


Job Requirements


M inimum Qualification:

National Diploma or equivalent NQF Level 6 qualification in Computer Science/ Information Technology or related qualification
Risk Management certificate would be advantageous

Ideal Qualification:

Cyber Security certification (CISM, CISA, CISSP)
Quality Management certificate
Information Security certification

Experience:

5 years Risk Management including Cyber Security

Closing Date: 27 January 2023

All SACAA appointments are subject to S98 of the Civil Aviation Act, 13 of 2009 and all successful candidates will be subjected to security vetting. Employment Equity candidates will be prioritised in line with Employment Equity Plan. If you have not heard from the SACAA 90 days after the closing date, consider your application unsuccessful.