Information Security Analyst

Our client has an opportunity available for an Information Security Analyst.

Requirements:

• 5 years’ experience within either an Information Security position or Cybersecurity, which include protection against social engineering, or security vulnerability remediation, of which:
  • 2 years’ IT administration experience.
  • 2 years’ Ethical Hacking experience.
• In-depth knowledge of Cloud security platform.
• In-depth knowledge of Firewalls and Malicious Code Defence including APT.
• Knowledge of Cybersecurity technical assessments, standards, tools, and processes.
• Knowledge of common attack vectors.
• Knowledge of Vulnerability assessment tools.
• Endpoint and network security tools or techniques.
• Bachelor’s degree in Information Security or similar.
• Industry certifications.

KPAs:

• Support with development and maintenance of Cyber Security Road Maps and interventions.
• Create and maintain appropriate standard operating procedures for Cyber Security and information protection.
• Identify, respond, predict and analyse security breaches and threats to determine their root cause.
• Research, investigate and develop proficiency in current and emerging threats, vulnerabilities, and security technology developments.
• Work closely with other stakeholders to design, architect, consult and implement security solutions to ensure readiness for security technologies.
• Contribute to project risk management consulting and technical reviews, drafting mitigation plans and delivering on any actionable items allocated.
• Draft procedures and policies with regards to cyber security.
• Monitor and analyse Cybersecurity operational services.
• Identify and resolve vulnerabilities in networks, servers, systems, and applications by performing vulnerability scans.
• Audit vendor services and report on non-performance or execution deficiencies to the Information Security Officer.
• Maintain compliance with core risk management concepts, such as vulnerability management and threat intelligence.
• Create a collaborative program to coordinate and drive operational activities related to Cyber Security.
• Advise Technology business partners on regulatory, compliance and legal requirements as it relates to securing data.
• Lead and collaborate on lessons learned and root cause activities.
• Manage internal control framework ensuring internal controls are reviewed periodically by departments as well as driving internal control adherence and compliance.
• Monitor and drive compliance against the audit framework.
• Conduct technical security reviews and perform technical risk assessments.
• Act as a change management architect in periods of change to ensure continuity to operations.