JOB PURPOSE
Implement and manage security controls to prevent unauthorised access to FIC data and infrastructure and to protect against Cyber Security threats and attacks.
KEY PERFORMANCE AREAS:
• Conduct reviews of all systems to ensure that effective IT (Information Technology) security controls consistent with policies are in place for each system.
• Advocating security and security practices throughout the organisation.
• Provide input into drafting and implementing security policies and procedures.
• Assist in planning and testing upgrades on all security-related infrastructure.
• Participate in penetration testing.
• Participate in IT Security awareness training on a regular basis.
• Identify and implement solutions to help neutralize security vulnerabilities.
• Monitor systems for irregular behaviour and set up preventive measures.
• Conducting research to identify attack vectors against the organisation.
• Assist with the Information Security plans to resolve gaps identified from audits, risk assessments or vulnerability scans.
• Review and analyse security alerts and vulnerability notices from vendors and other security sources.
• Participate in risk assessments of IT infrastructure and applications and make recommendations for improvements.
• Review and analyse security logs generated by security systems and recommend appropriate actions.
EDUCATION, SKILLS AND EXPERIENCE:
• Relevant IT diploma or equivalent to NQF 5 qualification
• Relevant Cybersecurity or IT Security certification
• Minimum 3 years Cyber Security experience
• Valid Cisco CCNA certification
• Minimum 3 years Firewall management experience
• Minimum 2 years Cloud Security Experience
• Cloud Security certification – such as, Security Administrator Associate, Microsoft Security, Compliance, and Identity Fundamentals, Microsoft Security Operations Analyst,
• Minimum 2 years Vulnerability management experience
Advantageous:
• ITIL / COBIT Foundation certification
• Ethical Hacking
• Digital Forensics
• ISO27001
• NIST
• Any of the following certification (s) CRISC, CISM, CGEIT, CISSP, CCSP