ICT Security Specialist X2 - Contract
  • South Africa Johannesburg
  • ProDevelopment Group
1 year before
31.12.2023
Protect and Defend
Cyber Defense Infrastructure Support
Job Description

About the job
Our client a Global tech firm is seeking 2 ICT Security Specialists to join their team in Johannesburg on a contract basis. They offer stability, growth, attractive rates and a great working environment.

As an ICT Security Specialist, you will be responsible for implementing and maintaining the security of company assets in accordance with industry standards. You will also ensure that all internal processes are in line with regulations and best practice guidelines. Your responsibilities include reviewing vulnerabilities to identify potential issues; updating policies, procedures and documentation as required; auditing systems to find any weaknesses or vulnerabilities within them; setting up new systems/applications from scratch where necessary; ensuring that critical assets are kept secure at all times by protecting access credentials. You'll have a thorough understanding of cyber security legislation and requirements including ISO 27001:2013 (Information Security Management System), COBIT 5, ITIL v3 (Service Desk) etc.

Requirements

Technical and Support of new and existing security tools
Security initiatives as and when required
Ensuring they keep up to date on procedures and best practice relevant to their job responsibilities
Reporting any possible and actual breaches, errors, or complaints
Working with Qualys Vulnerability
Management and Web Application
Work with Forti Analyzer critical information on threats across the entire attack surface
A very good knowledge of Symantec Endpoint Protection and Encryption
Knowledge of industry frameworks (ISO 27001/2, COBIT, ITIL)
Ensure that all Information Security policies and procedures are followed according to the Client requirement
Provide sound security advice to Client’s clients
Creation of hardening Standards for ICS department
Assist with Cyber security awareness campaigns
Assist with ICS Audits and Risks
Maintain the technical risk register
Assist departments that are struggling to remediate vulnerabilities
Enhancements and Implementation
Deployment of new security solutions to Production
Initiate, recommend, and implement new solutions
Conduct assessment of proposed solutions and existing solutions
Documenting security processes and storing them in a shared document repository

Qualifications

Bachelor’s degree in Computer Science, IT or Information Systems required
Five years of experience in a security related field
Experience with Microsoft technologies preferred

Quick response
Required Knowledge
  • K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0003   Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0005   Knowledge of cyber threats an`d vulnerabilities.
  • K0033   Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).
  • K0044   Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • K0061   Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
  • K0106   Knowledge of what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities.
  • K0157   Knowledge of cyber defense and information security policies, procedures, and regulations.
  • K0179   Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • K0324   Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications.
  • K0332   Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
Required Skills
  • S0007   Skill in applying host/network access controls (e.g., access control list).
  • S0077   Skill in securing network communications.
  • S0079   Skill in protecting a network against malware. (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters).
  • S0121   Skill in system, network, and OS hardening techniques. (e.g., remove unnecessary services, password policies, network segmentation, enable logging, least privilege, etc.).
  • S0124   Skill in troubleshooting and diagnosing cyber defense infrastructure anomalies and work through resolution.
  • S0367   Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Required Abilities
  • A0123  Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).