SNR INFRASTRUCTURE / SECURITY SPECIALIST

Dec 12, 2022

MAIN PURPOSE OF ROLE:
To design and implement security measures and controls to ensure continuous monitoring and protection of software, networks, infrastructure and systems.

TECHNICAL COMPETENCY REQUIREMENTS:

  • Deep expertise of networks, infrastructure, and cyber security monitoring tools
  • Understanding of CSOC – Cyber Security Operations Centre
  • Understanding of Service Level Agreements
  • Some knowledge of Cobit and /or ITIL
  • A sound understanding of IT Service Operations

REQUIRED MINIMUM EDUCATION/TRAINING:

  • B degree in related discipline
  • Relevant IT Security certification or equivalent

REQUIRED MINIMUM WORK EXPERIENCE:

  • At least 6 years’ experience in IT, of which a minimum of 3 years must be in a security analyst role.
  • Good knowledge of Cyber Security and related applications and tools

KEY RESULT AREA:
ENGAGE IN INCIDENT MANAGEMENT

  • Resolve all allocated security related incidents – either personally (1st line) or by overseeing service providers (2nd line) in accordance with SLA agreements, standards and procedures
  • Review incident trends and incident history, and consolidate for problem management purposes.

MANAGE ICT ASSETS:

  • Develop and maintain the company asset lifecycle
  • Periodically refresh and rotate IT assets, as and when they have reached end of life as per policy and
  • Identify and record assets that are reaching their end of life or are becoming uneconomical to maintain.
  • Execute and/or or oversee infrastructure maintenance in a manner which takes the life of the asset into
  • Assist in the review of requests for new ICT infrastructure.

IT SERVICE DELIVERY:

  • Resolve all but the most complex infrastructure incidents against agreed SLAs; escalate incidents as and when necessary.
  • Work alongside 2nd line infrastructure support suppliers, to ensure that customer support and the company service requirements are met.
  • Manage personal performance and the performance of and service providers and implement actions to improve service delivery.

DESIGNS AND IMPLEMENTS QUALITY SECURITY SOLUTIONS:

  • Design and develop security solutions and platforms including, Defence, Audit, Monitoring and Detection, making decisions regarding insourcing and outsourcing mix to ensure company retains a core capability in this area
  • Monitors and tracks the remediation of application security vulnerabilities and
  • Support the IT Support SME’s to remediate application and technology security vulnerabilities and risks.
  • Assesses the impact of an application going live with residual risks/vulnerabilities and guides the stakeholders
  • Facilitating and brokering the negotiations with key stakeholders on the level of tolerable risk vs business
  • Ongoing management, monitoring and maintenance of IT security policies and the adherence
  • Implement activities that ensure network integrity, including but not limited to backups, anti-virus, patch deployment and email size integrity.

IT SECURITY GOVERNANCE:

  • Enforce a secure IT environment and ensuring compliance with local and international laws, regulations and
  • Monitor and manage the overall security posture using appropriate tools and technologies
  • Implement and drive security awareness and training program for internal and external stakeholders
  • Provide security during development stages of software systems, networks and data centres
  • Ensure and improve the company’s IT Security and regulatory compliance and governance

OUTCOMES:

  • Incidents are managed within given SLA, standards and procedures and accurately documented for reporting and risk mitigation purposes
  • Detailed and accurate asset lifecycle roster available for reporting and asset review
  • Service delivery is managed within the guidelines of agreed SLA’s
  • Implemented security solutions succeeds in remediating application and technology security vulnerabilities and risks.
  • Successful collaboration with business to balance business benefit and level of risk.
  • Increased security awareness and education
  • Managed and improved IT security governance and compliance

Desired Skills:

  • Understanding Service Legal Agreements
  • Some knowledge Cobit
  • Understanding of CSOC

