Security Specialist wanted immediately: Salary R540 000 to R660 000 per year
Sandton, Gauteng
R540 000 – R660 000 a year
A digital communication client of mine in Rosebank is currently looking for an innovative security specialist who can safeguard information systems by identifying and solving potential and actual security risks.
Responsibilities:
Monitor, investigate and report on incidents.
Be able to be a part of an incident response team and triage.
Assess security incidents quickly and effectively and communicate a course of action to Regional Security SMEs.
Compile and maintain information security incident reports. Ensure that all incidents are recorded and tracked to meet audit and legal requirements.
Oversee and conduct root cause analysis to identify gaps and recommendations ultimately remediating risks to the organisation.
Provide content creation and policy tuning for multiple security detection and alerting tools.
Effectively manage reported system, application and device vulnerabilities and through remediation and maintenance in adherence with incident response procedures.
Define and maintain all the security governance documents that are required to support the strategy/solutions.
Develop and optimize processes to improve security threat identification and remediation.
Maintain active understanding of industry practices for threat analytics and incident response.
Assisting developers in secure coding best practices, risk mitigation techniques, and threat modelling.
Explain, present, demonstrate (when applicable) and document the operational impact of a particular vulnerability, threat or risk.
Monitor and maintain approved baseline network topologies and configuration.
Compile vulnerability and penetration testing reports according to the Global Security standard.
Conduct Phishing campaigns.
Provide security, technical, configuration, and architecture support to Regional security SME representatives as required.
Keep the information security toolset plan for IT functions agile and current to constantly be able to address risk.
Create and develop policies and standards to be applied to ensure proper controls are in place.
Embed and manage the ISO 27001 compliance standard and ensure proper processes and structures are put in place
Define a process of understanding data flows, categorisations, locations and architecture of servers to fully be able to interpret the outputs of the reports and action accordingly.
Manage third party interactions and manage alerts appropriately
Manage a vulnerability management system in line with current risk management system
Create and maintain security awareness campaigns and perform training on key security aspects and process change.
Day to day operational tasks as assigned.
Scheduled after-hours and weekend work might be required. The employee is required to be on standby for urgent escalations at all times.
Minimum Requirements:
A minimum 2 years in a similar role
Experience using vulnerability management tools, firewalls, intrusion detection systems, and responding to network/computer intrusions and supporting inquiries.
Knowledge of information systems security principles and methods, the requirements for certification and accreditation of systems testing and evaluation, and performance management methods.
Knowledge of test and assessment methods to evaluate security authentication technologies.
Knowledge of standards like PCI, SOC2, ISO 27001.
Expansive general IT knowledge.
Ability to conduct information security risk assessments
Ability to create and execute security monitoring tool sets such as DLP, SIEM and Web Gateway, Cyber Protection.
Exposure to cybersecurity or SOC monitoring.
Strong technical ability.
Stakeholder Management
Ability to support an information security strategy that supports business needs
Understanding of the NIST and ISO 27000 frameworks
Business Acumen
Interpersonal skills
Multi-task and quality-focused.
Good understanding of risk and compliance
Understanding of business process analytics
Project Management skills
Apply Now
Source: Indeed
