IT SUPPORT
This is an on-premises position, candidate is required to be stationed at the office in Linbro Park, Sandton.
Candidate must have strong I.T. knowledge in networks, servers, cyber security, and general end user support.
I.T Policies and procedures:
Review the policies once a year and sign it off.
Add new policies as needed.
Must be familiar with POPIA requirements.
Must know ISA 315 audit requirements.
Disaster recovery and business continuity:
Test at least once a year.
Must know how to set up a DR environment (strong network & server knowledge).
Will be the liaison between the Company’s auditors and Alice, (auditing tool) this will require reporting all findings and keeping the overall score satisfactory.
Candidate must have knowledge of I.T. Operations, security, governance, frameworks, and a firm grasp of the below to provide to the auditor:
Access Management
Latest Final Signed-off Access Policy (not a draft version)
Risk Register pertaining to IAM
Full user list(s) for each in-scope system
Employee listing for all active and terminated employees
User requests for new users
Database logging settings and evidence of reporting and reviewing of direct access
Change Management and Systems Development
Latest Final Signed off Change Control Policy (not a draft version)
List of changes from change management software
List of change request with all applicable information
Evidence of CAB meetings and formal approval approaches
Evidence of Testing of Changes
Use of Program Library
Evidence of Automated version control
Evidence of migration software
Emergency change procedures
IT Operations
Latest Final Signed off IT Strategy (not a draft version)
List of key stored procedures on system and DB level used for daily operations
Documented backup policy and procedures
Operational server names per application
Printscreen of backup software
Reports showing last three months’ results of backups per application
Backup policies on backup software
Evidence of offsite backups and intervals
Testing of backups and restores
Evidence of backup media rotation and disposal policies
Environmental controls similar to server room above
Password Policy per in-scope system
Logs for high-risk events
Latest signed off recertifications performed
Database names for the applications as well as the direct login user profiles and permissions
Database logging settings and evidence of reporting and reviewing of direct access
Policies & Procedures
Change requests
Tracking changes
Testing changes
Separate environments
Version control
Change meetings & forum
I.T. Governance
Information security
Cybersecurity
Service management
I.T. Risk Management
Software development
I.T. Project management
Enterprise architecture
Penetration testing
Strategy
Full job spec will be provided on request
Desired Skills:
- I.T. knowledge in networks
- I.T. knowledge in servers
- Disaster recovery and business continuity
- I.T. Operations
- security
- governance
- frameworks
- Centre for Internet Security (CIS) v8