We are responding to a Tender that has been released by the Road Accident Fund, for the acquisition of ICT Resources.
Role Purpose: Security Engineer Patching & Antivirus Management and Administration
The Security Engineer is accountable to the ICT security computing environment by identifying requirements, installing antivirus and perform patch management, design, and develop ICT system and network security controls, maintain, and monitor all security controls as per RAF governance, conduct technical evaluation in ICT systems and networks, ability to identify security weaknesses on the network and ICT systems. Ensure availability and protection against intrusion or malicious activities. Work hand in hand with all systems/applications engineers within ICT to ensure a smooth functioning of the ICT environment.
Technical Overview:
- Proven work experience as a security engineer or information security engineer performing patch and antivirus management
- Thorough understanding of the latest security technologies, principles, and protocols.
- Extensive knowledge of Windows Software Update Services (WSUS) and System Configuration Centre Manager (SCCM)
- Extensive understanding to plan, schedule, design and deploy necessary patches from trusted source as and when they are made available.
- Extensive knowledge to identify and maintain activities that provide an understanding of how to manage cybersecurity risks to systems, assets, data and capabilities
- Extensive knowledge to analyse the type of threats and identify ways of proactively handling them.
- Ability to Conduct a likelyhood on the ocurence of the threats.
- Ability to identify and maintain activities that provide an understanding of how to manage cybersecurity risks to systems, assets, data and capabilities
- Implement necessary controls that aims to safeguard or protect cybersecurity related events.
- Assist in defining and implementing the RAF’s processes to record the security incident details.
- Perform research, testing,evaluation and deployment of security technology and procedures.
- Conduct formal information security risk analyses, reviews, tests, audits, and/or self-assessments.
- Ability to Apply Multiple security testing methodologies and techniques to assess security infrastructures and identify / evaluate vulnerabilities.
- Extensive knowledge to analyse security breaches to determine the root cause of the violations and prepare reports that document findings and resolutions.
- Contribute to the development and implementation of departmental policy, standards & procedures and processes.
- Keep up to date with effective policy and practice execution strategies.
Qualifications
- Bachelor’s Degree in Computer Science, Information Systems, Systems Analysis related qualification.
- Comptia security
- Cisco certified, Network technician (CCeNT)
- CCNA
- CCNA security
- Certified Cisco Security professional, CompTIA and Microsoft preferred.
- Operational framework like ITIL v4 operations process certified
Experience
- Relevant 5-7 years’ experience in cyber governance, risk, controls, and compliance management-related environment of which 2 years must have been in the area of expertise.
- Knowledge of legal, regulatory, and privacy requirements
- Knowledge of Data Loss Prevention, Data Replication, and Disaster Recovery Systems.
- A deep understanding of Technology Security risks and mitigating solutions.
- Knowledge NIST Cybersecurity Framework.
- Knowledge of COBIT 5, ISO27001/2 frameworks
- Knowledge and appreciation of the wider Cyber Security issues and opportunities beyond the specific domain specialisation.
- Risk assessment skills.
- Microsoft Office Product Suite – Is able to efficiently utilise the various MS Office .Product range such as ,MS Outlook, MS Excel, MS Word and MS PowerPoint.
- Operating system Security (MS, UNIX, Linux etc…)
- Database Security.
Desired Skills:
- CompTIA Security+
- CCeNT
- CCNA
- CCSP
- CCNA Security
- ITIL
Desired Work Experience:
- 5 to 10 years
Desired Qualification Level:
- Degree