The Role: Investment company searching for an Information Security Threat Analyst to provide Information Security Assurance services: implementation, monitoring, enforcement and reporting for all technology systems and services as required by the Enterprise Architecture Information Security precepts and to contribute to the design of current and future information security technology systems and services in support of the IT strategy. Skills and Experience: Essential Experience:
- 7 years IT work experience including 3+ years Information Security Specialist experience
Essential Qualification:
- University degree in Information Technology or equivalent
- Certification / Qualification in Information Systems e.g. Certified ethical hacker (CEH), CISSP (Certified Information Systems Security Professional), CEH (Certified Ethical Hacking), and Cisco Security qualification (CCSP)
- Post grad University Degree in Information Technology discipline, CISSP
- LCEH: Certified Ethical Hacker, CISSP Certification Cisco Certified Security Professional
Key Accountabilities: Key Performance Areas:
- Provide strategic thinking and contributions to crafting of departmental business plan based on professional knowledge and experience, to ensure delivery of focus areas for the year in support of IT strategy
- Apply cost effectiveness principles in planning and delivery to contribute to achievement of divisional financial targets
- Ensure consistent results are delivered by continuous measurement against standards and SLAs
- Ensure delivery of the application services based aspects of the Information security roadmap
- Provide input into the formalization for the divisional budget
- Ensure own deliverables stay within the agreed project scope, timelines and budget
- Contribute to the design and evolution of the Enterprise Architecture Information Security precepts in the mitigation of current and future threats to existing technology systems and services and those being considered for adoption by providing thought leadership, guidance and specialist input through information security knowledge and fit for purpose product suggestions
- Ensure systems, products or projects delivered contributes to improve client/investment service by providing input on budgets, resources required and process based on the understanding of costs, business objectives and relationship with external suppliers and stakeholders
- Contribute as professional taking responsibility for both operational and strategic initiatives
Stakeholder Relationship Management:
- Ensure collaboration with the ISO (Information security Officer, Enterprise Architecture, Solution Architects, Application developers, other ITD teams and other stakeholders
- Act as the security ambassadors in the community by propagating security awareness across all staff at all opportunities to get buy in from the community
- Build strategic Investment company / Industry/ Global network and relationships utilising social media, attending and presenting at conferences and training interventions