Job Summary
Introduction
A vacancy exists for an IT Security Operations Analyst, reporting to the Head: Technology Services. The responsibility of the successful incumbent is to manage access to domain resources and business systems within the Banking environment. This involves the day-to-day administration of user accounts and privileges throughout the user account. The incumbent will be responsible for security administration and user provisioning to network resources and internal Business systems, and administration will be performed on Active Directory and the various Business applications and services.
Critical outputs
Processes
Operational Support:
- Create user accounts on Active Directory domain and across Application environments.
- Perform password resets and access revocations.
- Implement and maintain security roles/profiles and entitlements throughout the user account lifecycle.
- Develop and update access control lists
- Process security authorization requests in accordance with operating procedures.
- Troubleshoot and resolve authorisation issues on Microsoft Active Directory.
- Assist in implementing, maintaining, monitoring and reporting of security solutions on endpoints.
- Assist with updating software with the latest security patches and ensuring that proper security controls are present on endpoint resources.
- Provision and maintain access to securable network resources (e.g. share folders, network drives, Internet access).
- Document and implement security administration procedures that safeguard the operating environment against accidental or unauthorized modification or disclosure.
- Provide monthly management information to demonstrate performance of the service.
- Adhere to client policies to ensure a secure operating environment.
- Engage with Business whenever role reviews are required.
- Consult with staff, managers, and executives about the best security practices and providing technical advice.
- Interface with IT stakeholders (e.g. Technology Infrastructure) and ensure that the hosting environment meets service requirements.
- Form part of a team providing 24/7 technical IT Security Operations support to users and business systems.
- Performs all Endpoint status review, Health checks for Security Apps and Malware alert reviews.
Programme and Project Support:
- Provide support to the Programme Office in the build and implementation of new IT services and major changes to existing services.
- Ensure that security administration is performed across production and non-production environments as required to ensure projects are delivered as per schedule.
Compliance, Governance, Risk and Control Processes:
- Liaise with Change and Release Management in the planning of changes and releases of services in scope.
- Participate in Business Continuity plans for services in scope.
- Participate in Disaster Recovery Planning activities to ensure access to Business services in the event of a major outage, and partake in regular DR tests.
Governance
- Ensure appropriate management of the risk profile for the area of accountability, manage critical risks and ensure feedback integration.
People
- Communicate deviations to best practice, foster an environment of continuous learning and improved employee engagement levels.
Finance
- Implement effective financial control, management of costs and corporate governance in area of accountability.
Client
- Define and influence relationships and service level agreements made with internal and external stakeholders.
- Build and maintain relationships with stakeholders to ensure integrated approaches in pursuit of collective goals.
Requirements
- At least 5 years related work experience dealing with IT security systems and administration
- Security administration experience across multiple IT platforms an advantage.
- Experience in a healthcare, insurance, banking or financial services environment.
- Advanced Diploma or NQF 7 level in Information Technology or related IT qualification
- Relevant security certifications in Information security – e.g. CISSP an advantage
- Previous experience in the healthcare, insurance, banking or financial services industry will be advantageous.
- Sound knowledge of Information Security controls, concepts, and best practices is required along with a solid understanding of technology and associated security risks.
Competencies
- Problem-solving, analysis and judgement
- Resilience
- Engaging diversity
- Verbal & written communication
- Influencing
- Building relationships
- Drive & energy
- Excellence orientation
- Ethical behaviour
- Computer literacy