TECHNICAL COMPETENCY REQUIREMENTS
▪ Deep expertise of networks, infrastructure, and cyber security monitoring tools
▪ Understanding of CSOC – Cyber Security Operations Centre
▪ Understanding of Service Level Agreements
▪ Some knowledge of Cobit and /or ITIL
▪ A sound understanding of IT Service Operations
REQUIRED MINIMUM EDUCATION/TRAINING
▪ B degree in related discipline
▪ Relevant IT Security certification or equivalent
REQUIRED MINIMUM WORK EXPERIENCE
▪ At least 6 years’ experience in IT, of which a minimum of 3 years must be in a security analyst role.
▪ Good knowledge of Cyber Security and related applications and tools
KEY RESULT AREA
Engage in Incident Management
▪ Resolve all allocated security related incidents - either personally (1st line) or by overseeing service providers (2nd line) in accordance with SLA agreements, standards and procedures.
▪ Review incident trends and incident history, and consolidate for problem management purposes.
Manage ICT Assets
▪ Develop and maintain the company ICT Asset lifecycle roster.
▪ Periodically refresh and rotate IT assets, as and when they have reached end of life as per policy and schedules.
▪ Identify and record assets that are reaching their end of life or are becoming uneconomical to maintain.
▪ Execute and/or or oversee infrastructure maintenance in a manner which takes the life of the asset into account.
▪ Assist in the review of requests for new ICT infrastructure.
IT Service Delivery
▪ Resolve all but the most complex infrastructure incidents against agreed SLAs; escalate incidents as and when necessary.
▪ Work alongside 2nd line infrastructure support suppliers, to ensure that customer support and the company's service requirements are met.
▪ Manage personal performance and the performance of and service providers and implement actions to improve service delivery.
Designs and implements quality
▪ Design and develop security solutions and platforms including, Defence, Audit, Monitoring and Detection, making decisions regarding insourcing and outsourcing mix
to ensure the company retains a core capability in this area
▪ Monitors and tracks the remediation of application security vulnerabilities and risks.
▪ Support the IT Support SME's to remediate application and technology security vulnerabilities and risks.
▪ Assesses the impact of an application going live with residual risks/vulnerabilities and guides the stakeholders accordingly.
▪ Facilitating and brokering the negotiations with key stakeholders on the level of tolerable risk vs business benefit.
▪ Ongoing management, monitoring and maintenance of IT security policies and the adherence thereof.
▪ Implement activities that ensure network integrity, including but not limited to backups, anti-virus, patch deployment and email size integrity.
IT Security Governance
▪ Enforce a secure IT environment and ensuring compliance with local and international laws, regulations and standards.
▪ Monitor and manage the overall security posture using appropriate tools and technologies
▪ Implement and drive security awareness and training program for internal and external stakeholders
▪ Provide security during development stages of software systems, networks and data centres
▪ Ensure and improve the company's IT Security and regulatory compliance and governance