Introduction:

Reporting to the Information Security Specialist, the Cybersecurity Analyst will be responsible for building-in security during the development stages of software systems, networks, and data centres. The incumbent will be responsible for searching of vulnerabilities and risks in hardware and software and close off security vulnerabilities when a potential threat or attempted breach is found.

Description:

THE JOB AT A GLANCE

Reporting to the Information Security Specialist, the Cybersecurity Analyst will be responsible for building-in security during the development stages of software systems, networks, and data centres. The incumbent will be responsible for searching of vulnerabilities and risks in hardware and software and close off security vulnerabilities when a potential threat or attempted breach is found. The Information cybersecurity analyst will also be required to secure enterprise information by determining security requirements, planning, implementing and testing of security systems to detect, prevent and resolve security threats to the installed computer systems and to maintain the integrity and confidentiality of company data and information systems.

Security Deployment, Administration and Maintenance

• Deploy, manage and maintain all security controls and their corresponding or associated software


• Ensure the confidentiality, integrity and availability of the data residing on or transmitted through systems


• Manage the implementation and execution of Data-Loss strategies


• Ensure the enforcement of enterprise security documents


• Manage security for local and wide area networks


• Design, perform, and/or oversee penetration testing of all systems in order to identify system vulnerabilities


• Design, implement, and report on security system and end user activity


• Supervise all investigations into problematic activity and provide on-going communication with senior management


• Recommend, schedule (where appropriate), and apply fixes, security patches, disaster recovery procedures, and any other measures required in the event of a security breach


• Supervise the design and execution of vulnerability assessments, penetration tests and security audits

Security Monitoring and Remediation

• Monitor event logs, network access and implement corrective measures as needed.

• Monitor and report on threat and vulnerability management and health and compliance


• Apply remediation proactively on security threats and incidents, including patching, vulnerability assessments, and audit findings

Security Operations Analytics and Reporting

• Provide regular reporting and analytics of the security operations, including threat intelligence and vulnerability exposure.

Coaching and mentoring

• Design, implement, and report on security system and end user activity


• Coach and mentor junior staff in the security function

Requirements:

WHAT WILL YOU BRING TO THE TABLE?

• NQF Level 7 Qualification in Computer Science or equivalent


• Relevant certification in Information Security


• 6 – 8 years’ experience in information security consulting/officer type roles


• Preferably experience working in the financial services industry


• Experience in managing security incidents


• Experience in administering, maintaining, documenting and supporting server and network security infrastructure


• Experience with monitoring networks to avoid security breaches, and to determine causes


• Experience installing and deploying software such as data encryption and firewalls, and ensure they work to keep sensitive information safe


• The ability to create reports on any security breaches, outlining the damage that has been caused


• Experience with performing penetration testing


• Experience with industry standards such as ISO 27001


• Keeping up to date with new IT security trends


• Best practice knowledge of security standards in their organization


• Understanding/Knowledge / implementation of Information Security Frameworks