Cyber Security - Implement and enhance a risk-based cybersecurity strategy, governance and protocols able to protect the organization’s data and information at all times. Manage cybersecurity threats and incidences through the understanding, detection and analysis of potential emerging and actual information security threats and vulnerabilities, and the implementation of control measures to minimize or avoid the impact thereof on systems availability and business operations. Lead and direct the selection, utilization and adoption of cybersecurity products and associated licensing models for the organization. Identify and implement suitable tool sets to manage the security environment. Guide the development of monitoring and tracking systems for potential and emerging cybersecurity threats and control measures and manage cyber incidents efficiently to minimize its impact on the availability of systems and disruption of business operations. Manage the operations and controls of the Information Security Management System (ISMS) in line with KING3 and ISO 27000. Compile incident reports and submit to Management for decision-making purposes. Manage the implementation of key information security projects. Obtain internal and external security intelligence for investigation of security incidents. Manage investigations, responses and actions of information security incidents. Write incident reports and submit to the Head for decision-making purposes. Identify, apply and ensure adherence to good information security practices. Source and implement security measures to required business standards and requirements. Ensure that identified Business Continuity risks are mitigated and addressed. Investigate calls related to the recovery of deleted files by analyzing and interpreting data linked to crime, and uncovering links between events, groups and individuals through the pursuit of data trails. Maintain detailed records of investigations for audit purposes and to be used as evidence in court

Monitoring - Scan and monitor all IT cyber security domains (i.e. networks, firewalls, anti-virus, mobile devices, patch management) on a continuous basis. Ensure regular updating of network anti-virus, spyware, malware and greyware software. Monitor the governance aspects related to the IT security to ensure relevant standards are maintained. Perform continuous threat and vulnerability management monitoring. Analyze and assess potential security risks and assist in the development of plans to deal with such incidents by putting measures in place such as firewalls and encryption, and monitoring and auditing systems for abnormal activity. Develop and maintain a risk management program that includes periodic reviews, risk prioritization, and implementation of controls. Make recommendations based on various monitoring outputs to improve the security posture of the organization. Monitor the governance aspects related to IT security within ATNS to ensure required standards are maintained. Monitor compliance with policies and procedures related to ICT Security. Prepare IT security reports for submission to the Integrated Security Forum

Security Investigation Management - Manage the investigation of security incidents/events to ensure that the IT security posture remains intact. Ensure that forensic investigations receive the support required. Operate and control the Information Security Management System (ISMS) in line with KING 3 and ISO 27000 governance requirements. Manage the implementation of key information security projects. Conduct information gathering on internal and external security intelligence for investigation into security incidents. Write incident reports and submit to the Head for decision-making purposes. Identify and implement suitable tool sets to manage the security environment. Ensure effective management of security events. Develop, enforce, and regularly update security policies, standards, and procedures

Stakeholder Relations Management - Maintain constructive and productive stakeholder relations across the business, and with vendors and relevant external parties to support collaboration and alignment. Manage outputs by third-party suppliers to ensure optimum value

Governance, Compliance, Risk Management & Reporting - Develop, implement and manage organization-wide ICT security processes, standards and protocols to ensure the availability, integrity and confidentiality of information resources. Develop and maintain a national governance and accountability framework for civil aviation cyber security. Develop and maintain a risk management program that includes periodic reviews, risk prioritization, and implementation of controls. Ensure compliance with all IT policies, procedures and standards relating to IT security systems. Ensure that security architecture meets the minimum performance and availability requirements and that it is in line with the overall ICT strategy and cyber security requirements of the organization. Manage configuration and change control records with regards to IT security systems activities. Develop, implement and monitor information security and disaster recovery plans for ATNS T&I in accordance with organizational and regulatory information security standards. Manage the dependencies between the various areas of the business and ensure that all the security components are aligned. Ensure and report on the IT Disaster Recovery exercises that are conducted with business on all IT security systems and make recommendations for continuous improvement in order to ensure business continuity. Identify key risks and develop and implement effective mitigating plans and actions to avoid or minimize relevant risks, and report and raise these risks in the appropriate forums. Conduct high level security audits. Manage IT risk audits to provide an integrated view of key IT-related risks. Ensure compliance with relevant regulation and legislative requirements including POPIA, GDPR, and ECT. Lead internal audits and coordinate with external auditors to address compliance gaps and implement remediation plans. Ensure that effective data recovery plans are in place to ensure business continuity in case of a disaster or potential threats. Ensure adherence and compliance with the relevant regulatory framework. Select, apply and ensure adherence to good information security practices. Identify the key IT security risks across the business and raise in applicable forums. Ensure that the Business Continuity risks related to cyber security are mitigated and addressed. Manage the dependencies between the various areas of the business and ensure that all security components are aligned. Ensure training of all users on the applicable compliance and governance requirements. Ensure timely compilation and submission of all required reports (internal and external) to ensure compliance with all governance requirements

Financial Management - Participate in the planning and development of the security management budget. Manage delegated expenditure in line with business objectives and priorities, and within approved financial parameters. Report on all costs incurred against the approved budget, including possible variances. Ensure compliance with Finance policies, processes and guidelines

People Management - Manage employees in accordance with HC policies and processes. Ensure that new employees have been properly on-boarded and trained prior to commencing work. Monitor the time and attendance of subordinates, take appropriate action in the case of absenteeism, and report to the Head and Human Capital. Participate in the conclusion of performance management contract(s) and monitor performance. Manage the performance of direct reports in line with the performance management process. Conduct talent reviews of staff as required by the HC Talent Management process. Mentor and coach staff as required to ensure continuous development and availability of the required at all times. Ensure the transfer of knowledge and skills to enable sustainability within Capacity Planning from a succession management perspective. Develop a robust cybersecurity culture through structured training and awareness programs to capacitate the ATSEPs from end to end i.e. Cybersecurity Education, Training and Skills. Ensure that staff is managed in accordance with HC policies, processes and practices. Ensure continuous development of staff. Ensure that staff remain suitably trained to achieve expected performance outcomes in a dynamic technology environment. Create and maintain a harmonious and effective work environment to support a motivated, high-performance culture. Educate and upskill development teams and managers on secure coding practices, OWASP standards, and other IT security-related subjects

Interested applicants are requested to register their CV’s and apply on https://atns.ci.hr/ by no later than 03 September 2025.

If you have not been contacted within 3 weeks of the closing date of this advert, please accept that your application was unsuccessful.

ATNS is an equal opportunity employer that strives to achieve a diverse workforce broadly representative of our people. This position will be filled in line with the objectives of ATNS’ Employment Equity Plan and therefore candidates from designated groups, as per the Employment Equity Act of 1998, are encouraged to apply.

People with disabilities are encouraged to apply.