Overview
Gather information related to Technology Transformation & Innovation.
Responsibilities
* Research the latest information technology security threats and trends globally and use this information to provide the management team with the required information to implement solutions to protect SBV’s data.
* Adopt the strategic direction provided in order to execute duties, providing feedback as and when required.
* Conduct analysis & planning activities: Gather evidence required for security and vulnerability assessments, providing findings to the Information Security Analyst L2 for review and reporting.
* Conduct investigation on uses of data encryption, firewalls, and other appropriate security tools and applications to conceal and protect transfers of confidential digital information.
* Analyse security breaches to determine their root cause providing one’s findings and recommendations to the Information Security Officer.
* Conduct log correlation in the event of a breach or suspected data loss incident for investigative purposes. Evidence gathering to be presented to the Information Security Officer in form of a report.
* Provide input into the design for your area of responsibility: Create content and drive security awareness through facilitating orientation, educational programs, and ongoing communication.
* Investigate security remediation tool sets that will allow for automation on system threats through software development or off-the-shelf tools.
* Compile a business case outlining the preferred toolset, submitting for approval to the Information Security Officer.
* Proactively configure and monitor security alerts relating to incidents, and disasters to reduce likelihood.
* Implementation & execution within mandate: Support Information Security Analyst L2 to conduct internal and external security reviews by conducting interviews, running toolsets and consolidating the information to provide recommendations to close any potential gaps within the process and/or system.
* Identify and respond to threats to meet or exceed defined SLAs, escalating where need be.
* Mitigate the incident and provide accurate documentation around the resolution process.
* Verify authorized access by conducting reviews of logical access on systems.
* Monitor and remediate network, intrusion detection and prevention systems on a daily basis for security breaches and investigate and report to the Information Security Officer when a violation occurs.
* Monitor the information security compliance against SBV’s standards and best practices.
* Gather information and prepare reports that document security breaches and system compliance within the landscape.
* Create awareness of IT Security good practices to the relevant stakeholders through communication and training: Provide system users with assistance guidance about new security products and procedures.
* Drive compliance with cyber security training, in conjunction with Organisational Development, and awareness including alerting and escalations of non-compliant staff.
* Deliver security awareness through facilitating the orientation, educational programs, and ongoing communication.
* Develop, document and distribute how-to guides and update the internal knowledge base.
* Adhere to process and policy: Monitoring of systems to drive 0 data material breaches and findings in audits.
* Drive the closure of audit findings departmentally providing regular feedback to the Information Security Officer.
* Support with checks and monitoring of internal control framework ensuring internal controls are reviewed periodically by departments as well as driving internal control adherence and compliance.
* Monitor and drive compliance with established security configuration standards and best practices. Verify compliance with established security configuration standards and best practice.
* Lead as an Ambassador and executor of Change: Act as a change management architect in periods of change to ensure business continuity.
* Manage the integration of business units into a seamless end to end solution for customers.
* Effectively communicate and embed new processes and procedures as they occur, addressing or escalating matters/ concerns to the SMEs when required.
* Facilitate the necessary presentations, workshops, or forums to ensure consistent and accurate information is given across one\'s portfolio.
Requirements
* Bachelor’s degree in Information Security or similar.
* Industry certifications such as CISSP, SANS/GIAC: GSEC, GCIH, GFCA, GCFE, GCIA; EC-Council: CEH, ECIH, CHFI, ECSA; Security+; Tenable: TCNU, TCNA, TCSE ISO 27001 (advantageous).
Communication will be limited to shortlisted candidates only.
SBV recruitment is committed to transformation and diversity alignment.
Work Experience
* 2 Years’ experience within either an Information Security position or Cybersecurity, of which: 2 Years’ IT administration experience.
* In-depth knowledge of Cloud security platform (MS Intune / O365 Security, etc.) (Advantageous).
* In-depth knowledge of Firewalls and Malicious Code Defense including APT (Advantageous).
* Knowledge of Cybersecurity technical assessments, standards, tools, and processes (Advantageous).
* Knowledge of common attack vectors (Advantageous).
* Knowledge of Vulnerability assessment tools (Nessus, Nmap) (Advantageous).
* Endpoint and network security tools/techniques (Advantageous).
Job Type: Permanent • Salary: Market Related • EE Position: No • Location: Houghton
#J-18808-Ljbffr