Job Description

To support day-to-day data security operations including patch management, red team exercises, remediation of cyber security incidents, implementation of Cyber Security road map tasks and to support and maintain a broad suite of information security infrastructure

Essential: Matric or equivalent Senior Certificate. BSC Computer Science/Engineering or any relevant IT tertiary qualification. Information Security certification (s) such as Security+, Cyber Security Analyst, CRISC, CISSP or CISA. Advantage: ITIL certification (Information Technology Infrastructure Library

Essential: Minimum of 3 - 5 years of experience in information security and compliance frameworks.
Advantage: Minimum 5 years of experience in IT related positions.

IT Security Planning & Monitoring:

• Architects, designs, implements, maintains and operates information system security controls and countermeasures.
• Implement new security systems/platforms as per the Cyber Security Roadmap.
• Analyzes and recommends security controls and procedures in acquisition, development, and change management lifecycle of information systems, and monitors for compliance.

• Analyzes and recommends security controls and procedures in business processes related to use of information systems and assets, and monitors for compliance.
• Monitors information systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities, and trends.
• Responds to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches; interacts and coordinates with third-party incident responders, including law enforcement.
• Administers authentication and access controls, including the creation, modification, and deactivation of user and system accounts, security/access roles, and information asset access rights.
• Analyzes trends, news and changes in threat and compliance environment with respect to organizational risk; advises organization management and develops and executes plans for compliance and mitigation of risk; performs risk and compliance self-assessments, and engages and coordinates third-party risk and compliance assessments.
• Perform patch management of endpoints and servers to ensure highest level of security on all critical systems.
• Conduct red team exercises and remediation on mission-critical systems.
• Review, understand and correlate data from multiple sources, not limited to user authentication events, windows security event logs, intrusion detections alerts, proxy logs and firewall events.

Security Compliance:

• Assist with the documentation of security policies as well as promote activities and procedures to create a general awareness about the significance of security within the organization.
• Assist with the maintenance of information security policies and procedures and to ensure that the security strategies are being followed, to meet the organizational security goals and standards.
• Perform Payment Card Industry(PCI) compliance and IT General Controls (ITGC) related tasks as directed.
• Assist with the monitoring of internet access utilized by employees within the Group.
• Assist with the identification, investigation and resolution of security breaches.
• Develops and administers, or provides advice, evaluation, and oversight for, information security training and awareness programs.
• Manage configuration and change control records with regards to IT security system activities.

Stakeholder Liaison:

• Engage management on users that default their Cyber Security Awareness Training to ensure compliance.
• Liaise with stakeholders to perform root cause analysis and trend analysis of security threats.

Swift Recruitment