Job Purpose:
Information Security Analyst will be responsible for managing the organizations security posture to ensure the protection of systems, networks and sensitive data against security threats, computer viruses and other related cyber-security attacks.
Qualifications:
- BSc (Computer Science or Information Systems) – essential
- CISSP/CISA/ CCSP advantageous
- Beneficial MCSE (Security) or CompTIA Security+ qualification.
Knowledge and Experience:
- 3 to 5 years working experience in information security.
- Knowledge of IT Security and Risk Management frameworks, policies, standards, and technologies ISO27001/2
- Good understanding of Infrastructure Security controls and how to monitor and measure effectiveness.
- The ability to define problems, collect data, establish facts, and draw valid conclusions
- Malware Management Knowledge.
- Vulnerability and Patch Management.
- Understanding of Identity and Access Management processes and controls.
- Global Threats understanding
- System and network exploitation, attack pathologies and intrusion techniques (such as denial of service, sync attacks, malicious code, password cracking, etc.).
- Technical understanding/skill set in Linux, Java, Windows.
- Demonstrate and understanding of Networking/Firewalling Knowledge and TCP/IP
- Good understanding of Infrastructure Security controls and how to monitor and measure effectiveness
- OS/Application VM Knowledge
- Web monitoring solutions
- Data leakage on end points
- Virtual server protection
- Database monitoring
- Desktop Firewall and IPS solutions
Key responsibilities:
- Participate in IT security projects aimed at improving IT security in the PPS environment.
- Participate during the planned and unplanned IT systems recovery process through recovering the IT.
- Stay current with IT security knowledge and skills to maintain professional expertise and relevant.
- Keep abreast of changes in the standards, technologies or methodologies and threats
- Understating of the Incident Management Processes to restore a normal service operation as quickly as possible and to minimize the impact on business operations, thus ensuring that the best possible levels of service quality and availability are maintained.
- Management of the anti-malware products in the environment or similar products
- Management of Data Loss Prevention systems
- Provide input to monitoring and logging requirements of new infrastructure components and new systems
- Management of the security information and event management (SIEM) services
- Providing guidelines for intrusion prevention and detection mechanisms which safeguard against hacker vulnerability, unauthorized user access
- Promote user awareness of information security requirements and practices
- Prepare draft reports for discussion with information and system owners.
- Assist with Information Classification processes.
- Define and implement new review processes as required.
- Document issues and risks and escalate to Information and system owners.
- Liaise with Information owners re the status of controls on information assets.
- Liaise with Information Security Manager and other stakeholders on findings and rectification actions.
- Providing critical input into the disaster recovery and business continuity plans to reflect and address changes in the IT environment
Strategic Orientation
- Astute knowledge and understanding of the PPS vision, strategy, and customer/member value proposition.
- Is creative and innovative and always seeks opportunities for ongoing improvement of the relationship between the team and various stakeholders.
- Ability to manage multiple priorities effectively within a fast-paced environment.
- Excellent organizational skills and string attention to detail.
Communication
- Strong ability to communicate effectively with all stakeholders face-to-face or electronically
- Is articulate and communicates in a logical way and structures information to meet the needs and understanding of intended audiences
- Expresses opinions, information, and key points of view clearly and assertively
- Is confident in conceptualizing, building, and presenting plans related presentations
- Anticipates and responds appropriately to the needs, reactions, and feedback of an audience
- Good networker
- Open, flowing communication is important
- Position requires working with and through others, especially in a helping role
- There is a need for a persuasive, “selling” (rather than “telling”) communication style
Commercial Acumen
- Strong knowledge of IT Security Standards and Best Practices
Computer Literacy
- Good computer skills in Microsoft Word, and Excel is essential
Interpersonal and Intrapersonal Skills
- Must be able to apply innovative and effective administration techniques
- Analytical skills
- Ability to work in a team and independently
- Planning and organizing
- Good written and verbal communication skills
- Accuracy
- Initiative
- Monitoring
- Interpersonal skills
- Collaboration skills
- Achievement Orientation
- Ability to work standby and afterhours
- Self-Starter
- Flexibility