About the position
To actively protect the organisation's information technology assets and infrastructure from external or internal threats and ensure compliance with statutory and regulatory requirements regarding information security and privacy. Also, to ensure security controls are implemented and managed across the organisation and to improve the overall security posture while maintaining the integrity of the company brand.
JOB DESCRIPTION
- Understand company’s strategy and the cybersecurity implications to enable digital trust within company’s operations and platforms.
- Design, configure, deploy, and maintain security controls to safeguard company’s infrastructure.
- Actively protect the organization’s information technology assets and infrastructure from external or internal threats and ensure compliance with statutory and regulatory requirements regarding information access, security, and privacy.
- Analyse problems, and recommend solutions, products, and technologies to meet business security and information security [URL Removed] organizational information data flow and maintain an inventory of data to ensure sensitive information is identified and protected adequately.
- Understand data classification framework and implement controls as per sensitivity levels.
- Ensure protection of data with advanced data encryption, data masking, or tokenization, to protect data across applications, transactions, storage, and big data platforms, on endpoints, servers, databases, and cloud environments.
- Build, maintain and upgrade security technology, such as firewalls, web application firewalls; network access controls; web security controls; endpoint security controls for the safe use of computer networks, and the transmission and retrieval of information during business operations.
- Maintain the malware and destructive activities policy rules across security platforms to ensure business continuity while security is maintained.
- Coordinate monitoring of networks or systems for security breaches or intrusions across Cloud and On-premises platforms.
- Lead threat landscape assessment and situational Cyber-attack Vulnerability awareness through an understanding of the vulnerability Detection, Management program.
- Ensure vulnerability assessments and penetration tests are performed periodically.
- Analyse and interpret vulnerability results and facilitate Protection, and Response Maturity levels remediation of identified vulnerabilities in conjunction with other IT departments, and business applications owners.
- Support facilities with the implementation of physical security measures designed to deny unauthorized access to company premises.
- Ensure robust and fit-for-purpose access controls, surveillance cameras, and intrusion systems.
- Support the development of disaster response and recovery strategies within company.
- Ensure seamless transition between company and the disaster recovery site during security breaches or other business interruptions.
- Troubleshoot security and network problems to maintain a fit-for-purpose DR site and business continuity plans.
- Provide second-line support to users with any Information Security related queries within the SLA period.
- Provide technical support to computer users for installation and use of security products.
- Oversee and provide advanced support on open issues (e.g. customer logged tickets, incidents, projects, etc.).
- Continuously develop information security standards and best practices to respond to the changing environment.
- Follow the Procurement processes to purchase and identify the right service providers for security services.
- Oversee Third-party service delivery in line with defined service level agreements.
JOB REQUIREMENTS
Qualifications
- Information Technology (IT) related bachelor’s degree/Diploma as recognized by SAQA.
- COBIT Mandatory
- Any one (1) of the IT security certifications is mandatory, e.g.:
  - CompTIA Security
  - CISCO certified
  - Fortinet certified
  - CISSP
Experience
- 6 years+ of Information and Technology security experience with advanced knowledge of the following technology environments: Darktrace Technology, Fortinet Firewalls, Zscaler Technology, Mimecast, CrowdStrike, and familiarity with industry SIEM solutions.
Desired Skills:
- Darktrace Technology
- Mimecast
- Fortinet Firewalls Zscaler Technology