Job purpose
Responsible for the maintenance and enhancement of the information security and integrity of the company through the monitoring and rationalization of security technologies within the infrastructural and business areas.
Responsible for conducting regular audits to ensure compliance with company policy and procedures including Disaster Recovery and business continuity planning.
Key responsibilities
Act as the staff`s central point of contact for all ICT security incidents, develop incident handling procedures, report all incidents to the responsible incident response capability and track remedial actions;
Perform periodic Network infrastructure vulnerability assessments and penetration tests
Continuously review and report on infrastructure security (e.g. activity logs, backup logs, audit trails etc.);
Administration of security technologies;
Respond to ICT security incidents;
Participate in Disaster Recovery and BCP planning and tests;
Review and advise on ICT Change requests and related processes;
Document and promote awareness of security practices, processes, procedures and policies;
Conduct ICT security reviews and vulnerability audits to ensure compliance with the company’s policy
Coordinate and where relevant address security audit issues;
Implement existing and new ICT security practices to ensure they fit within the business needs and optimise the utilisation of all resources;
Assist other areas of ICT to ensure any technical designs or advice provided is accurate and fit for purpose from an Information Security perspective;
Maintain a security risk register of information risks with assigned owners and work with the Manager IT Security and Compliance to define appropriate work packages to mitigate risks;
Establish a process to track remedial actions to mitigate information security risks in accordance with the company’s standards with regular reports of progress to the Manager IT Security and Compliance;
Ensure that information security is addressed in the development and acquisition process of information systems and security related products; and
Perform any other duties assigned from time to time.
Key Performance Measures
Information Security Policies, Standards development.
Procedures and minimum baseline standards(checklist/Guideline) development and communication.
Monthly Security and Vulnerability assessments reports.
Security Designs Matrix for all business applications.
New Systems Security Risk Assessment report.
Provide reoccurring reports for network and host-based security solutions.
Develop trends dashboard on information security event and mitigation on a monthly basis.
Knowledge, Experience And Qualifications Required
Degree in Computer Science/Electrical Eng./Technology Management
Knowledge in software, Hardware, Systems Administration, Network Technology
Professional Information Security qualifications: CCNA/CISA/ITIL
4-6 years’ experience in a large IT environment with a minimum of 3 years Information Security & Compliance experience – in penetration testing and vulnerability assessments, IDS/Firewalls/VPN Administration, content filers, Security scan tools, Network and Systems Administration
Experience in enterprise security architecture design
Experience in enterprise security document creation
Experience in designing and delivering employee security awareness training
Experience in developing Business Continuity Plans and Disaster Recovery Plans
CompetenciesTechnical/ Functional skills;
Advanced networking competencies
Strong understanding of IP, TCP/IP, and other network administration protocols
Superior analytical, evaluative, and problem-solving abilities
Familiarity with Ms Windows, Unix, and Linux Operating systems and databases and virtualisation technologies
Exceptionally self-motivated, directed, and detail oriented
Open-minded and adaptable
Resilient and persuasive
Core competencies;
Communication skills
Building relationships
Focuses on the customers
Develops self
Solves problems
Wednesday, November 23, 2016Bachelors Degree in Computer Science
go to method of application »
