www.nersa.org.za

1 _____ The National Energy Regulator (NERSA) is a regulatory authority established as a juristic person in terms of Section 3 of the National Energy Regulator Act, 2004 (Act No. 40 of 2004). NERSA s mandate is to regulate the electricity, piped-gas and petroleum pipeline industries in terms of the Electricity Regulation Act, 2006 (Act No. 4 of 2006), Gas Act, 2001 (Act No. 48 of 2001) and Petroleum Pipelines Act, 2003 (Act No. 60 of 2003). The structure of the Energy Regulator consists of nine members, five of whom are part-time and four are full-time, including the Chief Executive Officer (CEO). The Energy Regulator is supported by a secretariat under the direction of the CEO. The Energy Regulator wishes to recruit personnel with appropriate competencies in the following area: ICT Project Manager Department: Information and Communication Technology (ICT) Package: R772 R1 227 per annum (CTC) (Ref.)

2 HR 18/17) Requirements: A Degree or Diploma in Project Management A PMBOK or Prince 2 Certification and knowledge of ICT environments. Minimum five (5) years or more experience in managing ICT systems implementation projects Experience in managing ICT service providers and large teams. Experience in implementation of project management tools Experience within a regulatory environment, especially within the Petroleum Pipelines, Pipe-Gas and Electricity industries (advantage). The candidate must be competent in the following: IT systems implementation Negotiation skills Analytical skills Time management Problem-solving skills Computer Literacy (MS Excel, Word, Power Point and Microsoft Project) Communication (verbal and written) Report writing and presentation skills Project Management.

3 Key responsibilities: The role encompass establishing, enhancing and maintaining appropriate project management discipline for ICT projects within NERSA in line with standards of good practice. The role will also include successful implementation of ICT projects in accordance with NERSA s business expectations and technical requirements. Reporting to the HOD: Information and Communication Technology, the incumbent will Define, enhance and maintain a NERSA s ICT Project/Portfolio Management methodology Develop NERSA s ICT Project/Portfolio Management capability Ensure that NERSA s ICT Project/Portfolio Management methodology complies with standards of good practice ( PMBOK and Prince2) and regulatory requirements ( PFMA and Corporate Governance of ICT Policy Framework) Ensure that NERSA s ICT Portfolio Management process encompasses the following minimum requirements/activities.

4 (Strategic alignment, Financial management ,Risk management, Performance management, Benefits management, Capacity management, Communication and stakeholder management) Ensure that NERSA s ICT Project Management process encompasses the following minimum requirements/activities: (Business alignment, Risk management, Vendor and supplier management, Cost management, Human resource management, Quality _____ management, Change and issue management, Organisational change, Project tracking and monitoring, Benefits realization) Ensure that NERSA s ICT Project Management process for system development, enhancement or acquisitions (for both applications and infrastructure) encompasses the following minimum requirements/activities: Business case development, System and/or technology selection and procurement, Project initiation, System design activities, System configuration/programming activities, System testing activities, Pre-go live activities, Go live activities, Project sign off and close activities.

5 Assist in other related duties for ICT project implementation Assist to develop and implement procedures for ICT contract management and administration in compliance with the organisation s policy Serve as the point of contact for vendors on contractual matters. Act as contractual middleman between NERSA and ICT vendors, ensuring timely review and approval /reconciliation of variations Ensure that signed contracts are communicated to all relevant parties to provide contract visibility and awareness, interpretation to support implementation Monitor Vendor transaction compliance (milestones, deliverables, invoicing etc.) Oversee Service Level Agreement Compliance Evaluate appropriateness of vendor licence and maintenance agreements Oversee contract close-out, extension or renewal Oversee delivery activities associated with Vendor Management Solution Programs Manage a delivery team to ensure timely and accurate Vendor deliveries Build positive and productive working relationships with Vendors for business growth Analyse and troubleshoot delivery issues in a timely fashion Ensure that project team maintains high level of competence and operational excellence Develop process improvements to achieve cost effectiveness and time saving Monitoring the contractor s progress and performance to ensure goods and services conform to the contract requirements Monitoring contractor activity on a specified frequency to identify problem areas Meeting with the contractor on a regular basis to review progress.

6 Discuss problems and consider necessary changes. Project Administration: Maintain appropriate records relating to Vendor Contracts Assist with proposal planning and administration of contracts Track authorizations and correspondence Maintain detailed and organized files Maintain an audit file for each contract which will include original contract, all correspondence, changes/deviations, amendments, clarifications, payment schedules Prepare and disseminate information to appropriate employees regarding contract status, facilitate contractor meetings Ensure that contractor is in compliance with legal requirements, owner specifications and government regulations Track payments and deadlines Provide contract summaries and ensure contract execution in accordance with the organisation s policy.

7 ICT Governance and Security Specialist Department: Information and Communication Technology (ICT) Package: R772 R1 227 per annum (CTC) (Ref. HR 19/17) Requirements: A Degree or Diploma in Information Technology or Computer Science. Industry related certification or ISACA certification in CGEIT, CISA Certified Information Systems Security Professionals (CISSP) Certified in Risk and Information Systems Control (CRISC) Certified Information Security Manager (CISM), COBIT, ISA and/or King III/IV Standards. Minimum five (5) years experience in ICT Security and Governance Experience and working knowledge of ITIL processes. Experience in managing security incidents. The candidate must be competent in the following: Knowledge of relevant ISO standards such as ISO9000 Knowledge of network operating systems, network infrastructure, systems development, database design, office products (productivity tools) and business analysis Skills in audit methodologies especially within ICT environment Project Management skills Negotiation skills Problem-solving skills _____ High level of computer skills Able to demonstrate a clear understanding of business, process needs and risks Analytical skills Good communication skills (written and verbal) Strategic planning skills Interpersonal skills Change management skills Cybersecurity knowledge.

8 Key responsibilities: Reporting to the HOD: Information and Communication Technology, the incumbent will be responsible for the implementation, change management and maintenance of corporate governance and governance of ICT and for safeguarding information system assets by identifying and solving potential and actual security threats at NERSA. The incumbent will: Ensure compliance with relevant legislation such as the Corporate Governance of ICT Policy Framework and King III/IV Develop, maintain and implement ICT Security strategy, ICT policies, standards and guidelines to establish controls to address risks, and operate ICT effectively and efficiently Monitor and report on compliance with the NERSA Security Policy, ICT policies, standards, guidelines and related procedures Develop and manage a roadmap for information security related to internal controls, compliance, regulatory and a proactive risk mitigation plan Advise business units on regulatory, compliance (POPI, PAIA etc)

9 And/or legal requirements as it relates to securing of data as well as project manage internal controls to mitigate threats Liaise with internal and external auditors and work with the ICT function to ensure compliance with all internal and external audit requirements and assist with developing control deficiency remediation plans Ensure ICT management and staff are aware of responsibilities related to internal and external ICT audits, audit observations/deficiencies, responses and corrective action ownership Develop, maintain and report on the ICT and information security risk register Monitor external standards and risk/control trends to determine if internal ICT practices are aligned with industry, regulatory and/or customer expectations Perform and report on ICT and information security risk assessments to identify and mitigate security weaknesses, vulnerabilities and security threats Develop, monitor and report on the security of the IT infrastructure including the NERSA network.

10 Firewalls and systems Recommend and implement security mitigation activities Implement measures to prevent unauthorized access by defining access controls and privileges to the NERSA network and information and communication systems Establish relevant internal control metrics and audits to measure outcomes and performance related to security Participate in any project-related work to address technology compliance Coordinate communications related to ICT Governance, Risks, and Controls Provide information and communication security training to employees to ensure the security of the IT infrastructure Plan and coordinate any required ICT governance trainings Assist the HOD: ICT in reporting on ICT matters to the ICT Steering Committee, ICT Strategic Committee as well as any other Committees.