THE JOB AT A GLANCE
As the Information Security Specialist, you will be reporting into the Chief Technology Officer. You will be responsible for building in security during the development stages of software systems, networks and data centres. You will be responsible for searching of vulnerabilities and risks in hardware and software and close off security vulnerabilities when a potential threat or attempted breach is found. You will also be required to secure enterprise information by determining security requirements, planning, implementing and testing of security systems to detect, prevent and resolve security threats to the installed computer systems and to maintain the integrity and confidentiality of company data and information systems.
WHAT WILL YOU DO?
Security Management:
- Deploy, manage and maintain all security controls and their corresponding or associated software
- Ensure the confidentiality, integrity and availability of the data residing on or transmitted through systems
- Manage the implementation and execution of Data-Loss strategies
- Ensure the enforcement of enterprise security documents
- Manage security for local and wide area networks
- Design, perform, and/or oversee penetration testing of all systems in order to identify system vulnerabilities
- Design, implement, and report on security system and end user activity
- Supervise all investigations into problematic activity and provide on-going communication with senior management
- Recommend, schedule (where appropriate), and apply fixes, security patches, disaster recovery procedures, and any other measures required in the event of a security breach
- Supervise the design and execution of vulnerability assessments, penetration tests and security audits
- Engage in ongoing communications with peers in the Systems and Networking areas accordingly
- Manage and/or provide guidance to other members of the team
- Helping users in the organization in familiarise themselves with the security procedures, policies, and products.
Strategy & Planning:
- Create and maintain the enterprise’s information security architecture design
- Develop, implement, maintain, and oversee enforcement of policies, procedures and associated plans for system security and user system access
- Design and implement disaster recovery plan for operating systems, databases, networks, servers, and software applications
- Assess the need for any security reconfigurations (minor or significant) and execute them if required
- Keep current with emerging security threat landscape
- Conduct research on emerging products, services, protocols, and standards in support of security enhancement and development efforts.
Acquisition & Deployment of Security Solutions and Enhancements:
- Determine whether security can be enhanced and reporting this to senior management
- Select and acquire additional security solutions or enhancements to existing security solutions to improve overall enterprise security posture
- Recommend, schedule, and perform security improvements, upgrades, and/or purchases
- Oversee the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions.
Network Administration and Maintenance:
- Monitor event logs, network access and implement corrective measures as needed
- Monitor and report on threat and vulnerability management and device health and compliance
WHAT YOU’LL BRING TO THE TABLE?
- NQF Level 7 Qualification in Computer Science or equivalent
- Relevant certification in Information Security
- 3 – 4 years’ experience in information security consulting/officer type roles from the IT Security industry
- Experience in managing security incidents
- Experience in administering, maintaining, documenting and supporting server and network security infrastructure
- Experience with monitoring networks to avoid security breaches, and to determine causes
- Experience installing and deploying software such as data encryption and firewalls, and ensure they work to keep sensitive information safe
- The ability to create reports on any security breaches, outlining the damage that has been caused
- Experience with performing penetration testing
- Keeping up to date with new IT security trends
- Best practice knowledge of security standards in their organization
- Understanding/Knowledge / implementation of Information Security Frameworks
WHAT WILL YOU GET IN RETURN?
We offer great opportunities for personal and professional development in a stable company that’s 127 years strong. The role comes with a competitive salary package and various benefits. Flexible work arrangements (combination of remote and in the office). Furthermore, you will be a part of a dedicated group of colleagues who value teamwork and collaboration.
Turnaround time
The shortlisting process will only start once the application due date has been reached. The time taken to complete this process will depend on how far you progress and the availability of managers. Kindly note that should you not receive a response within 21 days please consider your application unsuccessful.
Closing date: 31 January 2022
Our Commitment to transformation:
In accordance with the employment equity plan of Rand Mutual Assurance and its employment equity goals and targets, preference may be given, but is not limited, to candidates from under-represented designated groups.
Desired Skills:
- CISSP
- CISM certified
- Reporting
- Information Security Risk Management
Desired Work Experience:
- 2 to 5 years Investments, Insurance & Assurance
- 2 to 5 years Systems / Network Administration
Desired Qualification Level:
- Degree
About The Employer:
We offer great opportunities for personal and professional development in a stable company that’s 127 years strong. The role comes with a competitive salary package and various benefits. Flexible work arrangements (combination of remote and in the office). Furthermore, you will be a part of a dedicated group of colleagues who value teamwork and collaboration.
Employer & Job Benefits:
- Group Life Assurance
- Pension Fund
- Funeral Plan