This role is responsible for the security of the organisations computer systems, networks and ensuring that all platforms are protected. This role involves analysing existing security measures/controls and creating new and enhanced security measures. This role will also implement security measures that effectively safeguard sensitive data in the event of a cyber-attack. This is a highly collaborative role that is part of a larger team dedicated to cybersecurity and involves frequent interaction with various members of the IT team. In addition, this role will be responsible for collecting threat intelligence and automating systems to consume threat feeds and track adversaries. The role is also responsible for the development and execution of large-scale cyber security initiatives and requires a professional with problem-solving abilities who can work in a fast-paced environment and has a clear passion for cybersecurity and related technologies.Job Objectives
- Provide assurance through collaboration with other stakeholders that all IT platforms meet the organisations security requirements.
- Provide security recommendations.
- Recommend innovative technologies or other methods that will enhance the security of IT environments.
- Develop standards, policies and procedures as well as best practices documentation.
- Translate security and technical requirements into business requirements and communicate security risks to different audiences ranging from business leaders to engineers.
- Influence multi-disciplinary teams in implementing and operating cyber security controls.
- Work closely with application developers to deliver creative solutions to complex technology challenges and business requirements.
- Automate security controls, data and processes to provide better metrics and operational support.
- Stay current on emerging security threats, vulnerabilities and controls.
- Identify and implement new security technologies and best practices.
- Identify, investigate, and respond to information security event and work with Digital Forensics and Incident Response teams.
- Identify new security threats by conducting continual monitoring, vulnerability assessments and log analysis.
- Assist with installation or processing of new security products and procedures.Monitor networks and systems for security incidents.
- Understand complex technical issues and managing them within a fast-paced business environment.
- Conduct proactive research to analyze security weaknesses and recommend appropriate solutions.
Qualifications
- Academic qualifications in computer science, cybersecurity, or any related field.
- Recognised industry certifications in cybersecurity such as CISSP.
Experience
- At least 5 years of experience in the Information Technology field.
- At least 3 years of experience and hands-on expertise in cybersecurity.
- Expertise across a variety of security products including firewalls, EDR, SIEM, WAF, IAM, PAM, DLP and encryption solutions.
- Knowledge of services related to cloud compute, network, storage, content delivery, administration and security.
- Good understanding and exposure to Information Security standards, architecture and models.
- Hands on knowledge of automation and DevSecOps skills.
- Good understanding of software development principles, including design patterns, code structure, programming languages, continuous integration, continuous deployment, and deployment orchestration.
- Experience in creating new ways to solve existing production security issues and recommending security enhancements.
- Experience in Incident Response: including the ability to document, any security threats, resolve technical faults and allocate resources to deliver real solutions in a cost-effective way.
Required Skills
- Strong technical skills, including experience with Linux and Windows operating systems, scripting languages, and cloud provider ecosystems.
- Excellent attention to detail, as they must constantly monitor systems to ensure there are no external threats.
- Strong problem-solving skills in order to swiftly and deal with threats or flaws in the environment.
- Skilled in discussing complex security issues in understandable business terms.
- Detailed knowledge of system security vulnerabilities and remediation techniques.
- Ability to recommend solutions based on use cases and business requirements.
- Stay- abreast with emerging technologies and threats and ability to proactively assess and evaluate the adoption thereof in the organization.
- The commercial acumen to provide cost-effective security solutions.
- An enthusiasm for staying up to date with the very latest updates about security threats and solutions.