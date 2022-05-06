IT Security Specialist

Legal Requirements: S. A. citizen / permanent resident or valid work permit for S.A

Passed credit and criminal checks

Qualification: Tertiary qualification in Information Systems / Engineering (BSc IT, BCom IT)

Reports to: Group Cyber Security

Location: Hybrid (Centurion office & home office)

Experience: Minimum 6 years experience in core Information security domain.

General Purpose of the Position:

Managing the day-today operations and effectiveness of security-related programmes and initiatives, assesses the costs associated with potential threats and solutions required to eliminate or minimizing threats. Lead the service areas to provide assistance, advice, problem-solving, and technical information to internal and external customers regarding Information and Cyber security.

Core Skills and Experience:

General programming/software development concepts and software analytical skills.

Deep understanding and practical experience of IT Infrastructure and networks.

Deep understanding and practical experience around physical perimeter security.

Experience with hackers and hacking.

Experience in assessing and implementing security and risk standards including ISO 2700X, NIST, ITIL, COBIT

Systems security skills in assessment, design, architecture, management and reporting

Conduct Information Security Assessment against EY Methodology and leading practice frameworks and common standards.

Conduct attack and penetration on infrastructure, network, web application and source code review.

Must be proficient in the ISO 27001 and PCI DSS implementation

Must have knowledge on basics of cloud security

Experience in performing technical activities like VAPT, configuration reviews and technical exception handling.

Experience in cyber security incident management

Experience in dealing with clients

Experience in managing senior stakeholders and organization leadership teams

Experience in team handling

Key Responsibilities:

Define the contents of Policies and guidelines on security and risk

Creates the information security management system and supports its definition

Defines the operating procedures and rules on cybersecurity

Supports the definition of the guidelines for analysis of cybersecurity risks

Defines the security requirements for significant projects and initiatives

Defines and provides awareness programs

Defines activities relating to Access governance issues, in terms of management of request flows, mapping of authorizing roles, management of authorizations, recertification of users

Defines the Assessment program

Threat modelling, security architecture, authentication technologies

Security patch management review and implementation.

Supervises / Completes security tests of applications and systems

Supervises / conducts activities related to protection of data and applications and recording of activities

Supervises control of levels of protection and of compliance with cybersecurity rules

Supervises, identification, prevention and reaction to attacks of a cyber nature through analysis and control actions, via instruments and internal and external information sources

Assist company and client in managing Business continuity and disaster recovery

Supervises activities related Assist clients in designing and implementing their identify and access management solutions

Assist company and client in managing information protection and data privacy.

Internal fraud prevention and e-crime

Guides and controls Cybersecurity operations of the defense units under the responsibility of other corporate functions (logical and physical security)

Carries out Cybersecurity activities for Group companies, with the aim of maintaining adequate protection levels and measures

Supervises management of cybersecurity incidents and those related to fraud

Supports operationally the management of internal fraud prevention and e-crime issues, collaborating, where provided for, with fraud management functions

Management of relations with the Authorities, Law Enforcement Agencies and other qualified bodies (e.g. CERT) on the issue of Cybersecurity

Manages internal fraud prevention and e-crime issues, collaborating, were provided for, with fraud management functions Manages relations with the Authorities, Law Enforcement Agencies and other qualified bodies (e.g. CERT) on the issue of Cybersecurity

Validates responses to calls for tender and coordinates bid management activities for the part within his/her competence

Assist IT and software factory teams with security requirements and measure the effectiveness of the implementation.

Plan, manage and run with external vendor and customer security audits

To be a focal point for all Client security projects.

The company may include or exclude any task that may be necessary in the interest of the company at its discretion in the spectrum of services and/or duties to be rendered by the Employee.

The mission and activities described in this job description are not an exhaustive list of the day-to-day responsibilities of the job holder and are subject to change. They may be modified or complemented to reflect the company developments.

Desired Skills:

IT Security

Information Security

Risk Management

Compliance Management

SOC

Security Operation Centre

Risk Management Methodologies

Compliance Management Methodologies

Security Management

Desired Work Experience:

5 to 10 years

Desired Qualification Level:

Degree

About The Employer:

Formed in South Africa over 20 years ago, specialising in major financial system infrastructure development. Key player in the Central Banking space with over 9000 employees in 60 offices globally.

Employer & Job Benefits:

Provident Fund

Medical Aid

