Information Security Analyst

Jul 7, 2023

Requirements
This position will be accountable for:

  • Continuously learn about potential improvements to the security framework, methodology, standards, and system of internal controls
  • Gather and evaluate information, including to support Auditors, Regulators, and compliance partners
  • Perform tests, to evaluate the design and effectiveness of key controls as is necessary for compliance
  • Identification of control deficiencies in the design and operating effectiveness of information security controls

  • Participating in the establishment and implementation of information security audit and assurance planning and scheduling

  • Evaluation of compliance with programs and processes to mitigate cybersecurity risk and ensure protection of company and allied assets and information

  • Implementing and maintaining governance, risk and compliance (GRC) processes
  • Performing security and compliance assessments on new and existing systems, processes, technology
  • Attending disaster recovery and business continuity planning sessions to understand integration with information security governance, risk and compliance elements
  • Performing analysis and documentation of assigned business and technical processes
  • Conducting formal information security risk analyses, reviews, tests, audits and/or self-assessments
  • Working with relevant stakeholders to close out on audit findings and identified risks
  • Participating in IT controls and compliance testing activities and/or audits
  • Performing technical configuration of industry leading GRC tools through skills acquired on-the-job and specialist course offerings
  • Ensure cyber security policies and procedures are communicated to all personnel and that compliance is enforced
  • Supporting operation and administration of systems for information security and IT
  • Reporting on information security risks as and when required

Knowledge, skills and attributes:

  • Sound knowledge of information security risk management frameworks and compliance practices
  • Knowledge of securing network technologies, client, and server operating systems
  • Knowledge of security standards and guidelines based on best practices and industry standards
  • Interpersonal, communication, and presentation skills, including formal report writing skills
  • Understanding of common security standards and regulations, as well as cybersecurity frameworks (e.g., ISO2700x, NIST, CoBiT, BCM, ITIL, GDPR, ITAR, SOX, etc.)
  • Ability to manage and prioritize tasks and activities
  • Ability to quickly learn and work with technologies related to governance, risk, and compliance
  • Proficiency with Microsoft Office (e.g., Outlook, Word, Excel, PowerPoint, etc.)
  • Able to consistently deliver quality work products
  • A team-focused mentality with the proven ability to work effectively with diverse stakeholders
  • Ability to work under pressure while maintaining a professional image and approach
  • Education and training:
  • Bachelor’s degree in Computer Science, Information Technology or related and/or equivalent
  • Information security related training or certifications such as CISSP, CISM, CISA or CRISC
  • Experience:
  • At least 5-6 years’ experience in a similar position (IT security, risk management or GRC), progressing through other career levels
  • Experience of dealing with relevant stakeholders, managing expectations in the pursuit of improved information security
  • Working experience as a business analyst or a keen interest in business operations
  • Experience with common industry guidelines (such as CIS)

Desired Skills:

  • ISO2700X
  • CISM
  • CISSP
  • Information security
  • Data loss prevention
  • Security controls
  • COBIT
  • SOX
  • ITIL
  • ITAR
  • GRC
  • CIS
  • GDPR
  • NIST

Desired Work Experience:

  • 5 to 10 years

Desired Qualification Level:

  • Degree

About The Employer:

Our client seeks a Information Security Analyst urgently to join their growing and dynamic team located in the Southern Suburbs of Cape Town.

Learn more/Apply for this position