Specialist: ICT Security
  • South Africa Pretoria
  • Kamo Placements
1 year before
31.12.2023
Protect and Defend
Cyber Defense Infrastructure Support
Job Description

Design, develop, implement and maintain cybersecurity activities across the organisation and identify and establish security initiatives and standards as well as review and update the company's IT security policies by setting procedures and guidelines that will ensure all IT systems are functional and secure systems

Job Description

Ensure the effective implementation and maintenance of all system access control and maintenance of role-based security, and conduct regular security audits and take corrective action to support the delivery of optimal service to the company.
To advise on and ensure the effective implementation and maintenance of secure access and communicate feedback to enable associated security risk management.
Develop disaster recovery risk mitigation plans in the cyber security environment
Track systems access control profiles documentation and ensure alignment with ICT security protocols
Participate in the development and implementation of appropriate and effective controls to mitigate identified cyber threats and risks
Provide specialist advice and consultation to safeguard information systems through identification and management of cyber security risks, audits and vulnerabilities
Maintain a register of all security changes and access granted via call logging system.
Conduct security audits and access reviews to ensure compliance and perform root cause analysis.
Maintain current knowledge of the cybersecurity industry's emerging technologies Implement and maintain the cybersecurity systems development process within relevant company systems.
Provide feedback and input at the change request meetings ensuring that there is no conflict with other applications on new updates or changes implemented.
Recommend and implement system and technology solutions and improvements.
Assist in identifying and adhering to fraud controls, risk prevention principles, sound governance and compliance processes, and tools to identify and manage risks
Support and provide evidence to all internal and external audit and regulatory requirements.
Maintain quality risk management standards in line with regulatory requirements.
Build and maintain effective internal and external stakeholder relationships for the purpose of expectations management, knowledge sharing and integration, and to manage the organisation's reputation.
Represent and participate in the organisation's committees and tasks teams when required.
Convene and attend meetings and present relevant information stakeholders when required.

Qualifications

JOB REQUIREMENTS

Diploma + Advanced Diploma / B-Degree in ICT, IS
Computer science or related field
Certified Information Systems Security Professional (CISSP) Certification is essential
Information Security certification such as CISA, CISM, CEH, etc. is preferred.
Information Technology Infrastructure Library (ITIL) Foundation Certification is preferred

Experience

8 years relevant work experience in ICT security environment
4 years specialist experience working in ICT security control in a corporate environment
Proven track record of implementing and coordinating ICT security policies by setting procedures and guidelines that will ensure all IT systems are functional and secure

Desired Skills

Security architecture skills
ICT Security Management tools
Communication Skills

Quick response
Required Knowledge
  • K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0033   Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).
  • K0061   Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
  • K0104   Knowledge of Virtual Private Network (VPN) security.
  • K0179   Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • K0332   Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
Required Skills
  • S0007   Skill in applying host/network access controls (e.g., access control list).
  • S0059   Skill in using Virtual Private Network (VPN) devices and encryption.
  • S0077   Skill in securing network communications.
  • S0367   Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Required Abilities
  • A0123  Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).