The Information Security Officer will be accountable for ensuring appropriate controls are in place for the security of information assets. The ISO will be the centre of competence for Information Security, providing thought leadership and acting as the focal point for security compliance-related activities and responsibilities.
Key tasks and responsibilities:
- Provide input to the IT security strategy and IT security enhancements
- Implement, maintain and ensure adherence to information security framework and information security plan
- Work with the IT leadership in the development of the IT security policy, procedures and standards
- Ensure system configuration guidelines are followed and monitors system performance for compliance with information security standards
- Clear understanding of cloud computing services/deployment architecture
- Perform risk management activities including third-party due diligence
- Provide subject matter expertise and guide information and cyber security initiatives
- Respond to security and privacy related questions from users, partners, and customers
- A diverse security background with knowledge in several cyber security tools including; firewalls; VPN technologies, IDS / IPS, network access control and network segmentation, anti-malware and spam technologies, SIEM, IAM, PAM; risk and vulnerability assessments and compliance tools
- Experience in cyber threat monitoring and response, threat remediation and threat intelligence
- Deliver security assessment services including network scanning, vulnerability testing, penetration testing, and coordinate incident response activities
- Familiarity with information security issues as it relates to web-based applications
- Review new and emerging exploits and vulnerabilities, and understand how the Group could defend against them
- Monitor and investigate security events, network and access controls
- Hands on approach to remediation of information security issues
- Collaborate the IT development and product teams to improve application and infrastructure security and compliance, and mature the security in software development lifecycle
- Drive the Information and cyber security awareness security awareness programme to educate employees about information and cyber security risks and promote good security practices
- Prepare and coordinate the completion of various data and analytics reports. Provide input on cyber security operations metrics and indicators. Report on key cyber security operations metrics and indicators to management
Experience and Qualifications Requirements:
- Bachelor’s degree in Information systems or equivalent.
- Information Security Certification such as CEH, CISM, CCSP, CISSP.
- More than 6 years’ experience in an IT security environment, including cloud security.
- Knowledge of common information security management frameworks, such as ISO/IEC 27001 and NIST, OWASP.
- Experience architecting and implementing Security technologies.
- Windows, and Linux operating systems.
- Preferred experience in ethical hacking / audit/consulting services (3 – 4 years).
- Preferred with SLDC / development / coding via multiple platforms (1 – 2 years).
- Strategic, analytical and critical thinker.
- Ability to work collaboratively with a cross-functional team.
- Execution-oriented – strong ability to execute to the highest standard.
- Ability to manage multiple projects with strong.
- Initiate and Innovate.
- Demonstrated passion, desire and dedication to on-going training and development.
- Support process Improvement.
- A strong communicator – speak plainly and truthfully.
- Ability to communicate complex ideas in a clear and easy-to-understand way.
- Excellent writing and speaking fluent business English.
Proficiency with the following programmes is required:
- MS Word.
- MS Excel.
- MS Outlook / e-mail.
- MS Explorer / Internet.
- The position will be based in Sunninghill.
- Willingness to work long hours when required.
- Report Development and Data Analysis
- Highly organised and planful
- Attention to detail and prioritisation
- Results driven
- Creative problem solving
- Analytical skills
- High sense of urgency
- Highly collaborative
- Excellent interpersonal
- Project management
- Information Systems Security Management
About The Employer:
Universal is a proud healthcare services group that is turning heads in the industry.
Our comprehensive and fully integrated portfolio of services sets a new benchmark in care management. Our brand promise is to deliver healthcare that combines business intelligence with excellence in healthcare management, packaged to meet each medical scheme and its members’ needs.
If you want to contribute significantly to the growth and development of an innovative company, be challenged in a line of work that really impacts people’s lives for good, and engage in a fantastic team environment, we’d like to hear from you.
Employer & Job Benefits:
- Medical Aid
- Funeral Cover
- 360 Degrees Loyalty Programme
- Pension Fund