IT Security Analyst at Britam

Job purpose

• Responsible for the maintenance and enhancement of the information security and integrity of the company through the monitoring and rationalization of security technologies within the infrastructural and business areas.
• Responsible for conducting regular audits to ensure compliance with company policy and procedures including Disaster Recovery and business continuity planning.

Key responsibilities

• Act as the staff`s central point of contact for all ICT security incidents, develop incident handling procedures, report all incidents to the responsible incident response capability and track remedial actions;
• Perform periodic Network infrastructure vulnerability assessments and penetration tests
• Continuously review and report on infrastructure security (e.g. activity logs, backup logs, audit trails etc.);
• Administration of security technologies;
• Respond to ICT security incidents;
• Participate in Disaster Recovery and BCP planning and tests;
• Review and advise on ICT Change requests and related processes;
• Document and promote awareness of security practices, processes, procedures and policies;
• Conduct ICT security reviews and vulnerability audits to ensure compliance with the company’s policy
• Coordinate and where relevant address security audit issues;
• Implement existing and new ICT security practices to ensure they fit within the business needs and optimise the utilisation of all resources;
• Assist other areas of ICT to ensure any technical designs or advice provided is accurate and fit for purpose from an Information Security perspective;
• Maintain a security risk register of information risks with assigned owners and work with the Manager IT Security and Compliance to define appropriate work packages to mitigate risks;
• Establish a process to track remedial actions to mitigate information security risks in accordance with the company’s standards with regular reports of progress to the Manager IT Security and Compliance;
• Ensure that information security is addressed in the development and acquisition process of information systems and security related products; and
• Perform any other duties assigned from time to time.

Key Performance Measures

• Information Security Policies, Standards development.
• Procedures and minimum baseline standards(checklist/Guideline) development and communication.
• Monthly Security and Vulnerability assessments reports.
• Security Designs Matrix for all business applications.
• New Systems Security Risk Assessment report.
• Provide reoccurring reports for network and host-based security solutions.
• Develop trends dashboard on information security event and mitigation on a monthly basis.

Knowledge, Experience And Qualifications Required

• Degree in Computer Science/Electrical Eng./Technology Management
• Knowledge in software, Hardware, Systems Administration, Network Technology
• Professional Information Security qualifications: CCNA/CISA/ITIL
• 4-6 years’ experience in a large IT environment with a minimum of 3 years Information Security & Compliance experience – in penetration testing and vulnerability assessments, IDS/Firewalls/VPN Administration, content filers, Security scan tools, Network and Systems Administration
• Experience in enterprise security architecture design
• Experience in enterprise security document creation
• Experience in designing and delivering employee security awareness training
• Experience in developing Business Continuity Plans and Disaster Recovery Plans

Competencies

Technical/ Functional skills;

• Advanced networking competencies
• Strong understanding of IP, TCP/IP, and other network administration protocols
• Superior analytical, evaluative, and problem-solving abilities
• Familiarity with Ms Windows, Unix, and Linux Operating systems and databases and virtualisation technologies
• Exceptionally self-motivated, directed, and detail oriented
• Open-minded and adaptable
• Resilient and persuasive

Core competencies;

• Communication skills
• Building relationships
• Focuses on the customers
• Develops self
• Solves problems

Wednesday, November 23, 2016

Bachelors Degree in Computer Science