IT Security Officer - LAM at Standard Bank Group

Job description

Information Technology: Systems development, business analysis, architecture, project management, data warehousing, infrastructure, maintenance and production.

Job Purpose

To provide IT security and Logical Access Management services to the Bank and in so doing ensure that all IT security and Access Management policies and controls are in place for logical access as per Group guidelines. In addition, the LAM Officer will review all user access requests in conjunction with peers in the related departments prior to the granting thereof. Furthermore, the holder will be responsible for direct follow-ups on all IT related audit issues

Key Responsibilities/Accountabilities

• Manage and support Identity and Access Management operations and governance relating to system, infrastructure and application access, user identity lifecycle management and implementing controls to protect the
• Group's key information
• Work on Access management (Physical and Logical) able to analyze audit logs
• Perform folder and file access revalidation
• Ensuring systems are operated, maintained, and disposed of in accordance with policies and practices.
• Ensuring that all system users have the requisite approvals before granting access to the systems
• Reporting all security-related incidents to the IT Security Manager. (ITSM)
• Initiating, with the approval of the ITSM, protective or corrective measures when a security incident or vulnerability is discovered.
• Facilitating user access periodic reviews.
• Ensuring Configuration Management (CM) for security-related IS software, hardware, and firmware is maintained and documented.
• Ensuring that system recovery processes are monitored to ensure that security features and procedures are properly restored.
• Formally notifying the ISSM and Authorizing Official when changes occur that might affect accreditation.
• Ensuring that system security requirements are addressed during all phases of the system life cycle.
• Following procedures developed by the ISSM, authorizing software, hardware, and firmware use before implementation on the system.
• Endpoint Security
• Oversee the implementation, administration, and operation of multiple endpoint security technologies such as but not limited to Safend, Bitlocker, McAfee ePO
• Produce and track metrics for the effectiveness and maturity of endpoint security technologies and processes
• Work with business units to develop goals for measurement improvement
• Oversee development and operation of endpoint information security executive dashboards
• Manage relations with endpoint security vendors
• Provide support for multiple endpoint information security products
• Oversee configuration and administration of security tools
• Maintain current understanding of industry trends and threats
• Interact with IT Security products and support services and project management office to strategize on new project implementation
• Maintain SLA and OLA agreements for endpoint security management
• Report non-compliance & deviations to appropriate stakeholders.
• Provide support to the Computer Incident Response Team
• Monitor and report on risks and vulnerabilities with suggested recommendations

Summary

• Endpoint security and controls – Safend, device control
• Patching
• Antivirus
• DLP
• Access control
• Recertification

Preferred Qualification And Experience

• Bachelor's Degree in Computer Science or related technical discipline
• Must have a current security certifications: CXISSP, CISM, Security+ GIAC, CEH etc.
• Minimum of three (3) years Logical/ identity and access management experience.
• Ability to demonstrate strong knowledge of computer security concepts.
• Demonstrated ability to document processes and procedures.

Knowledge/Technical Skills/Expertise

• Experience in business application, maintenance and/or Information Security and/or System access management
• Logical Access Management experience across locations, application and / or database systems with associated 1st level control and re-certification.
• Excellent technical knowledge and experience of Logical Access and Identity Management processes
• Experience of Sailpoint would be beneficial.
• Security domain experience in applications, security, infrastructure and integration.
• Experience within the financial services sector is highly desirable
• Solid AD administration experience
• Centrify, Vault and BYOD administration and provisioning experience
• ITIL knowledge preferred but not essential
• Excellent communication skills in writing and oral in English
• Reliable, responsible personality, able to work under pressure with greatest accuracy, able to exercise, troubleshoot, analyse and have independent judgment on a daily basis.