Job Advert Summary
This exciting opportunity exists in the Information Systems Division based at our Support Office in Kenilworth, Cape Town.
The Information Security Analyst is responsible for operationally supporting Information Security efforts by executing the required operational tasks (Security Operations / SecOps) within the Infrastructure team of the Information Services Division in support of Pick n Pay’s policies, standards and procedures as it relates to Information Security. The role requires the incumbent to work with both internal PnPs’ IS and Information Risk & Privacy resources as well as work closely with IS outsourced service providers in order to deliver the required activities.Minimum RequirementsRelevant tertiary qualification essential
Minimum of 1-4 years in IT Support, Information Security or IT Administration essential
Experience working in a multi-vendor and outsourced IT environment preferable
Experience working with Microsoft operating systems (Windows XP to Win 10, Server 2008 to 2019) and Microsoft solutions. I.e. Microsoft Configuration manager, Threat management gateway, Microsoft Azure, etc. preferable
Experience working with Linux operating systems and firewall and networking technologies preferableDuties and ResponsibilitiesUnderstand, diligently follow and contribute to (mature) the IS Security Posture of Pick n Pay through operational implementation of and compliance to IS Security Policies, Standards, Processes and Procedures.
Document and enforce security-related Standard Operating Procedures and baselines.
Support daily/weekly/monthly operational IT security support services (vulnerability, phishing and malware management, etc.) to support efforts to address security weaknesses and counter / respond to security-related incidents.
Assist in the resolution of identified PCI-DSS gaps and audit findings within the scope of Security Operations.
Detect and investigate possible information security incidents through monitoring of applicable dashboards / and reporting tools (risky sign-ins, SIEM alerts, email traces, DLP alerts).
Drive remediation of issues relating to ongoing vulnerability management and penetration testing programs across various accountable IS Business Units.
Determine root cause of infected systems, data breaches, etc and develop tools / processes to address future risk by documenting security related incident reports as per agreed processes.
Perform internal security assessment in the form of internal penetration tests / vulnerability scans / other security reviews as deemed appropriate by management.
Assist with Internal & External Security Audits.
Working closely with outsourced partners within the IT space.
Oversee outsource partner deliverables.
Maintain up to date knowledge of Information Security and related IT security best practices, including the evaluation of relevant emerging technologies, opportunities and threats.
Actively promote the importance and value of good Information Security practices.CompetenciesA good understanding of general business as well as Information Security issues and processes
Ability to track down process / system security risks to root cause and advice on improvements / solutions
Ability to problem solve and perform root cause analysis
Ability to work under pressure and in a timeous manner to meet deadlines
Self-motivator and detail oriented
Ability to maintain strict confidentialityAdditional InformationBehavioural Competencies:
People oriented; Problem Solving ability;Attention to detail; Patience; Team player; Absorbs pressure positively