To support daytoday data security operations including patch management red team exercises remediation of cyber security incidents implementation of Cyber Security road map tasks and to support and maintain a broad suite of information security infrastructure
Essential: Matric or equivalent Senior Certificate. BSC Computer Science/Engineering or any relevant IT tertiary qualification. Information Security certification (s) such as Security Cyber Security Analyst CRISC CISSP or CISA. Advantage: ITIL certification (Information Technology Infrastructure Library
Essential: Minimum of 3 5 years of experience in information security and compliance frameworks.
Advantage: Minimum 5 years of experience in IT related positions.
IT Security Planning & Monitoring:
• Architects designs implements maintains and operates information system security controls and countermeasures.
• Implement new security systems/platforms as per the Cyber Security Roadmap.
• Analyzes and recommends security controls and procedures in acquisition development and change management lifecycle of information systems and monitors for compliance.
• Analyzes and recommends security controls and procedures in business processes related to use of information systems and assets and monitors for compliance.
• Monitors information systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents vulnerabilities and trends.
• Responds to information system security incidents including investigation of countermeasures to and recovery from computerbased attacks unauthorized access and policy breaches; interacts and coordinates with thirdparty incident responders including law enforcement.
• Administers authentication and access controls including the creation modification and deactivation of user and system accounts security/access roles and information asset access rights.
• Analyzes trends news and changes in threat and compliance environment with respect to organizational risk; advises organization management and develops and executes plans for compliance and mitigation of risk; performs risk and compliance selfassessments and engages and coordinates thirdparty risk and compliance assessments.
• Perform patch management of endpoints and servers to ensure highest level of security on all critical systems.
• Conduct red team exercises and remediation on missioncritical systems.
• Review understand and correlate data from multiple sources not limited to user authentication events windows security event logs intrusion detections alerts proxy logs and firewall events.
Security Compliance:
• Assist with the documentation of security policies as well as promote activities and procedures to create a general awareness about the significance of security within the organization.
• Assist with the maintenance of information security policies and procedures and to ensure that the security strategies are being followed to meet the organizational security goals and standards.
• Perform Payment Card Industry(PCI) compliance and IT General Controls (ITGC) related tasks as directed.
• Assist with the monitoring of internet access utilized by employees within the Group.
• Assist with the identification investigation and resolution of security breaches.
• Develops and administers or provides advice evaluation and oversight for information security training and awareness programs.
• Manage configuration and change control records with regards to IT security system activities.
Stakeholder Liaison:
• Engage management on users that default their Cyber Security Awareness Training to ensure compliance.
• Liaise with stakeholders to perform root cause analysis and trend analysis of security threats.