MAIN PURPOSE OF ROLE
To design and implement security measures and controls to ensure continuous monitoring and protection of software,
networks, infrastructure and systems.
TECHNICAL COMPETENCY REQUIREMENTS
? Deep expertise of networks, infrastructure, and cyber security monitoring tools
? Understanding of CSOC – Cyber Security Operations Centre
? Understanding of Service Level Agreements
? Some knowledge of Cobit and /or ITIL
? A sound understanding of IT Service Operations
REQUIRED MINIMUM EDUCATION/TRAINING
? B degree in related discipline
? Relevant IT Security certification or equivalent
REQUIRED MINIMUM WORK EXPERIENCE
? At least 6 years’ experience in IT, of which a minimum of 3 years must be in a security analyst role.
? Good knowledge of Cyber Security and related applications and tools
KEY RESULT AREA
Engage in Incident Management
? Resolve all allocated security related incidents – either personally (1st line) or by overseeing service providers (2nd line) in accordance with SLA agreements, standards and procedures.
? Review incident trends and incident history, and consolidate for problem management purposes.
Manage ICT Assets
? Develop and maintain the company ICT Asset lifecycle roster.
? Periodically refresh and rotate IT assets, as and when they have reached end of life as per policy and schedules.
? Identify and record assets that are reaching their end of life or are becoming uneconomical to maintain.
? Execute and/or or oversee infrastructure maintenance in a manner which takes the life of the asset into account.
? Assist in the review of requests for new ICT infrastructure.
IT Service Delivery
? Resolve all but the most complex infrastructure incidents against agreed SLAs; escalate incidents as and when necessary.
? Work alongside 2nd line infrastructure support suppliers, to ensure that customer support and the company’s service requirements are met.
? Manage personal performance and the performance of and service providers and implement actions to improve service delivery.
Designs and implements quality
? Design and develop security solutions and platforms including, Defence, Audit, Monitoring and Detection, making decisions regarding insourcing and outsourcing mix
to ensure the company retains a core capability in this area
? Monitors and tracks the remediation of application security vulnerabilities and risks.
? Support the IT Support SME’s to remediate application and technology security vulnerabilities and risks.
? Assesses the impact of an application going live with residual risks/vulnerabilities and guides the stakeholders accordingly.
? Facilitating and brokering the negotiations with key stakeholders on the level of tolerable risk vs business benefit.
? Ongoing management, monitoring and maintenance of IT security policies and the adherence thereof.
? Implement activities that ensure network integrity, including but not limited to backups, anti-virus, patch deployment and email size integrity.
IT Security Governance
? Enforce a secure IT environment and ensuring compliance with local and international laws, regulations and standards.
? Monitor and manage the overall security posture using appropriate tools and technologies
? Implement and drive security awareness and training program for internal and external stakeholders
? Provide security during development stages of software systems, networks and data centres
? Ensure and improve the company’s IT Security and regulatory compliance and governance
- Cyber Security
- Security Analyst