ICT Security Specialist
  • South Africa Johannesburg
  • Centrax Cloud
1 year before
31.12.2023
Oversee and Govern
Cybersecurity Management
Job Description

About the job
As an ICT Security Specialist, you will be responsible for implementing and maintaining the security of company assets in accordance with industry standards. You will also ensure that all internal processes are in line with regulations and best practice guidelines. Your responsibilities include reviewing vulnerabilities to identify potential issues; updating policies, procedures and documentation as required; auditing systems to find any weaknesses or vulnerabilities within them; setting up new systems/applications from scratch where necessary; ensuring that critical assets are kept secure at all times by protecting access credentials. Youll have a thorough understanding of cyber security legislation and requirements including ISO 27001:2013 (Information Security Management System), COBIT 5, ITIL v3 (Service Desk) etc.

Requirements

Technical and Support of new and existing security tools
Security initiatives as and when required
Ensuring they keep up to date on procedures and best practice relevant to their job responsibilities
Reporting any possible and actual breaches, errors, or complaints
Working with Qualys Vulnerability
Management and Web Application
Work with Forti Analyzer critical information on threats across the entire attack surface
A very good knowledge of Symantec Endpoint Protection and Encryption
Knowledge of industry frameworks (ISO 27001/2, COBIT, ITIL)
Ensure that all Information Security policies and procedures are followed according to the Client requirement
Provide sound security advice to Client’s clients
Creation of hardening Standards for ICS department
Assist with Cyber security awareness campaigns
Assist with ICS Audits and Risks
Maintain the technical risk register
Assist departments that are struggling to remediate vulnerabilities
Enhancements and Implementation
Deployment of new security solutions to Production
Initiate, recommend, and implement new solutions
Conduct assessment of proposed solutions and existing solutions
Documenting security processes and storing them in a shared document repository

Qualifications

Bachelor’s degree in Computer Science, IT or Information Systems required
Five years of experience in a security related field
Experience with Microsoft technologies preferred

Quick response
Required Knowledge
  • K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0002   Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0005   Knowledge of cyber threats an`d vulnerabilities.
  • K0008   Knowledge of applicable business processes and operations of customer organizations.
  • K0018   Knowledge of encryption algorithms
  • K0038   Knowledge of cybersecurity and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data.
  • K0043   Knowledge of industry-standard and organizationally accepted analysis principles and methods.
  • K0048   Knowledge of Risk Management Framework (RMF) requirements.
  • K0054   Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities.
  • K0061   Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
  • K0087   Knowledge of system software and organizational design standards, policies, and authorized approaches (e.g., International Organization for Standardization [ISO] guidelines) relating to system design.
  • K0126   Knowledge of Supply Chain Risk Management Practices (NIST SP 800-161)
Required Skills
  • S0027   Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
Required Abilities
  • A0161  Ability to integrate information security requirements into the acquisition process; using applicable baseline security controls as one of the sources for security requirements; ensuring a robust software quality control process; and establishing multiple sources (e.g., delivery routes, for critical system elements).
  • A0167  Ability to recognize the importance of auditing Communications Security (COMSEC) material and accounts.