Job Description

Purpose:

Responsible to lead the assessments, analysis and monitoring of cyber security within the company, providing recommendations that ensure that the company is safe-guarded from any potential cyber threats

Duties and responsibilities

• Drive vulnerability testing, risk analyses and security assessments providing findings to the Head of the department
• Monitor, analyse, and detect Cyber events and incidents within information systems and networks.
• Consult on integrated, dynamic Cyber defence and leverage Cybersecurity solutions
• Administer Cybersecurity operational services, including intrusion detection and prevention, situational awareness of network intrusions; security events; data spillage; and; Incident response actions.

• Participate in testing, deploying, and administering the infrastructure hardware and software which are required to effectively manage the organizations Cybersecurity operational services.
• Provide daily operational effectiveness reporting to CISO
• Conduct internal and external security audits, providing recommendations to close any potential gaps within the process and or system
• Anticipate security alerts, incidents and disasters and reduce their likelihood
• Monitor network, intrusion detection and prevention systems for security breaches and investigate a violation when one occurs
• Analyze security breaches to determine their root cause providing ones findings and recommendations to the Head of the Department
• Prepare reports that document security breaches and the extent of the damage caused by the breaches
• Establishes system controls by developing framework for controls and levels of access; recommending improvements.
• Drafts procedures and or policies with regards to cyber security submitting them to the Head of Department for review and authorisation
• Ensures authorized access by investigating improper access; revoking access; reporting violations; monitoring information requests by new programming; recommending improvements.
• Develops security awareness by providing orientation, educational programs, and on-going communication.Updates job knowledge by participating in educational ; reading professional publications; maintaining personal networks; participating in professional organizations.
• Research the latest information technology (IT) security trends to ensure that the company is remains relevant and protected
• Provide input into developing information security standards and best practices for their organization
• Recommend security enhancements to management or senior IT staff
• Help computer users when they need to install or learn about new security products and procedures
• Identify and respond to threats to meet or exceed defined SLAs, escalating where need be.
• See incident through to resolution and document the event.
• Ensure compliance with established security configuration standards and best practices.
• Maintain, manage and upgrade agent-based security tools.
• Create and maintain appropriate standard operating procedures for the Cyber
• Security, including business continuity plans.
• Tuning of and responding to requests for application whitelisting solutions.
• Work closely with key stakeholders to ensure operational readiness for cyber security technologies.
• Work closely with other teams to design, architect, consult and implement security solutions.
• Establish plans and protocols to protect digital files and information systems against unauthorized access, modification and/or destruction
• Execute tasks related to the planning and implementation of new or upgraded security controls.

Qualifications and experience:

• Bachelors degree in Information Security or similar;
• Industry certifications such as CISSP, SANS/GIAC: GSEC, GCIH, GFCA, GCFE, GCIA; EC-Council: CEH, ECIH, CHFI, ECSA; Security+; Tenable: TCNU, TCNA, TCSE are preferred
• 5 years of experience in Cybersecurity, engineering, or security vulnerability remediation
• In-depth knowledge of MS Azure security platform (MS Intune / DRM / O365 Security) In-depth knowledge of Firewalls and Malicious Code Defence including APT; Knowledge of
• Cybersecurity technical assessments, standards, tools, and processes Extensive knowledge of Cybersecurity tools, processes, and methodologies