Position Title: IT Security Specialist

Similar documents
IT MANAGER PERMANENT SALARY SCALE: P07 (R ) Ref:AgriS042/2019 Information Technology Manager. Reporting to. Information Technology (IT)

ROLE DESCRIPTION IT SPECIALIST

ENDNOTE SECURITY OVERVIEW INCLUDING ENDNOTE DESKTOP AND ONLINE

Information Security Controls Policy

Your Trusted Partner in Europe European Business Reliance Centre

EUROPEAN ICT PROFESSIONAL ROLE PROFILES VERSION 2 CWA 16458:2018 LOGFILE

2017 Company Profile

A company built on security

IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats.

CCISO Blueprint v1. EC-Council

Angela McKay Director, Government Security Policy and Strategy Microsoft

NEW DATA REGULATIONS: IS YOUR BUSINESS COMPLIANT?

locuz.com SOC Services

University of Pittsburgh Security Assessment Questionnaire (v1.7)

Marine Institute Job Description

ADIENT VENDOR SECURITY STANDARD

Florida Government Finance Officers Association. Staying Secure when Transforming to a Digital Government

Information Security Controls Policy

Simplify Your Network Security with All-In-One Unified Threat Management

Technical Consultant. Job Title Technical Consultant. Department Service Department. Reporting to Service Manager

BHConsulting. Your trusted cybersecurity partner

WORKSHARE SECURITY OVERVIEW

CAPABILITY STATEMENT

Security

Cybersecurity What Companies are Doing & How to Evaluate. Miguel Romero - NAIC David Gunkel & Dan Ford Rook Security

Security and Privacy Governance Program Guidelines

Texas Reliability Entity, Inc. Strategic Plan for 2017 TEXAS RE STRATEGIC PLAN FOR 2017 PAGE 1 OF 13

DIGITAL TRUST Making digital work by making digital secure

Canada Life Cyber Security Statement 2018

What It Takes to be a CISO in 2017

Cyber Security Program

to Enhance Your Cyber Security Needs

Rethinking Information Security Risk Management CRM002

CONTEMPORARY CYBER ATTACK TRENDS AND CHALLENGES DR SHASHWAT RAIZADA

Position Description. Computer Network Defence (CND) Analyst. GCSB mission and values. Our mission. Our values UNCLASSIFIED

SECURITY SERVICES SECURITY

IT SECURITY OFFICER. Department: Information Technology. Pay Range: Professional 18

Emerging Technologies The risks they pose to your organisations

SALARY $ $72.54 Hourly $3, $5, Biweekly $8, $12, Monthly $103, $150, Annually

Senior Technical Consultant

Policy. London School of Economics & Political Science. Remote Access Policy. IT Services. Jethro Perkins. Information Security Manager.

LTI Security Services. Intelligent & integrated Approach to Cyber & Digital Security

How do you decide what s best for you?

M a d. Take control of your digital security. Advisory & Audit Security Testing Certification Services Training & Awareness

COURSE BROCHURE. COBIT5 FOUNDATION Training & Certification

COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN

SECURING YOUR ASSETS / company_presentation_en_v1.00 / RG-C0

Marine Institute Job Description

POSITION DESCRIPTION

BUILDING AND MAINTAINING SOC

BHConsulting. Your trusted cybersecurity partner

Bringing Cybersecurity to the Boardroom Bret Arsenault

Staffing Services UnderDefense your source of experienced professionals to solve security staffing challenges today

Position Description For ICT Officer Support Information, Technology and Communication Department Hobart

Protecting your data. EY s approach to data privacy and information security

RESOLUTION 45 (Rev. Hyderabad, 2010)

NORTH AMERICAN SECURITIES ADMINISTRATORS ASSOCIATION Cybersecurity Checklist for Investment Advisers

ASSISTANT ICT NETWORK MANAGER. JOB DESCRIPTION Support Staff

Manchester Metropolitan University Information Security Strategy

Bringing cyber to the Board of Directors & C-level and keeping it there. Dirk Lybaert, Proximus September 9 th 2016

Implementation Strategy for Cybersecurity Workshop ITU 2016

Package of initiatives on Cybersecurity

Commonwealth Cyber Declaration

Compliance: How to Manage (Lame) Audit Recommendations

Defense in Depth Security in the Enterprise

CISM Certified Information Security Manager

Information Security Data Classification Procedure

Risk Advisory Academy Training Brochure

Avanade s Approach to Client Data Protection

Department of Management Services REQUEST FOR INFORMATION

Annexure 08 (Profile of the Project Team)

Address C-level Cybersecurity issues to enable and secure Digital transformation

Crises Control Cloud Security Principles. Transputec provides ICT Services and Solutions to leading organisations around the globe.

Cybersecurity The Evolving Landscape

AT&T Endpoint Security

Evolving the Security Strategy for Growth. Eric Schlesinger Global Director and CISO Polaris Alpha

State of South Carolina Interim Security Assessment

Position Description IT Auditor

Virginia State University Policies Manual. Title: Information Security Program Policy: 6110

NATIONAL CYBER SECURITY STRATEGY. - Version 2.0 -

Securing Your Digital Transformation

CyberSecurity. Penetration Testing. Penetration Testing. Contact one of our specialists for more information CYBERSECURITY SERVICE DATASHEET

Nine Steps to Smart Security for Small Businesses

A Strategy for a secure Information Society Dialogue, Partnership and empowerment

DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE

Enabling Security Controls, Supporting Business Results

Stakeholders Analysis

Symantec Security Monitoring Services

Disaster Recovery and Business Continuity Planning (Mile2)

FDIC InTREx What Documentation Are You Expected to Have?

POSITION DESCRIPTION

Mark Littlejohn June 23, 2016 DON T GO IT ALONE. Achieving Cyber Security using Managed Services

Plenipotentiary Conference (PP- 14) Busan, 20 October 7 November 2014

KENYA SCHOOL OF GOVERNMENT EMPLOYMENT OPORTUNITY (EXTERNAL ADVERTISEMENT)

AUSTRALIA Building Digital Trust with Australian Healthcare Consumers

Job Description. ICT Systems Administrator

NATIONAL INFORMATION TECHNOLOGY AUTHORITY - UGANDA (NITA-U) REGIONAL COMMUNICATIONS INFRASTRUCTURE PROGRAM (RCIP) INFORMATION SECURITY SPECIALIST

Evaluation of technologies that will improve the UEL IT infrastructure, recommending and advising on strategic improvements

Security Director - VisionFund International

Cyber Security in Europe

Transcription:

Position Title: IT Security Specialist SASRIA SOC LIMITED Sasria, a state-owned company, is the only short-term insurer in South Africa that provides affordable voluntary cover against special risks such as civil commotion, public disorder, strikes, riots and terrorism to any individual, business, government or corporate entity that has assets in South Africa. Sasria has a dual mandate legislative mandate that directs our day-to-day business operations, and a broader strategic mandate, like any other business in South Africa, to make a positive contribution to transforming our industry and our country, in order to make our country a better place for all her people. Vision To protect the assets of all South African against extraordinary risks Mission The vision will be achieved via our mission of driving sustainable and vibrant business by: Balancing shareholder value creation with having a positive social impact; Providing excellent customer service; Being clear and consistent in our communication; Developing the skills and capacity of own employees; Improving our current strategic current strategic partnerships, and establish new ones; and Providing innovative and relevant products; Core Values The following values underpin Sasria s pursuit of its stated vision and mission: Professionalism - we will treat our stakeholders i.e. customers, employees and shareholders - with respect and dedication while remaining accountable to them; Integrity - we will conduct ourselves in a manner that is fair, transparent and ethical, and uphold high levels of equality and trust; Teamwork in the performance of our tasks we will be guided by the ideals of unity of purpose, cooperation and mutual respect; Innovation - we will create opportunities for creativity and learning and encourage same amongst

our employees; and Customer Centricity - We strive to meet and exceed our customer's expectations. ROLE DESCRIPTION Job summary statement/purpose To actively protect the organisations information technology assets and infrastructure from external or internal threats and ensuring compliance with statutory and regulatory requirements regarding information access, security and privacy The role will be divided into the following components: IT Security management (detecting, prevention, Mitigation, Recovery and Accountability) 70% Risk management- 10% IT Service Management- 20% Key performance areas (duties & responsibilities) 1. IT Security Design, configure, deploy, and maintain Sasria security infrastructure Actively protect the organisations information technology assets and infrastructure from external or internal threats and ensuring compliance with statutory and regulatory requirements regarding information access, security and privacy Analyse problems, recommend solutions, products, and technologies to meet business security and information security objectives Recommend best security practices to achieve business objectives, advises on risk assumptions for any variances granted, and provides alternatives to achieve desired end results Identify, resolve and assist in management of security threats, vulnerabilities, noncompliances and risks, focusing on application security

2. Cyber-Security (Content Filtering, etc) Coordinating cybersecurity risk mitigations (including cybersecurity awareness) Control and monitor a spam management solution in order to minimise the amount of spam received by the Sasria. Control and monitor filtering of harmful email attachments received from external sources at the gateway (firewall). Ensure and monitor filtering of harmful and non-business related email attachments received from internal and external sources at the relevant mail server. Oversee and monitor filtering for all users browsing the Internet restricting access as per business requirements. Monitor systems for any anomalies, proper updating, and patching Identifying and minimizing information security vulnerabilities 3. Firewall Monitoring and control Monitor gateway firewall for malicious activity and restrict network access using the firewall policy as per business requirements. Implement firewall solutions to properly secure the organisations data and provide consultation on all new firewall implementations, firewall configuration changes, and projects requiring security operational support Evaluate and monitor the firewall to prevent virus attacks from an external source. 4. Anti-Virus Management Scan all email from external and internal sources for viruses and malicious attachments at the Microsoft Exchange server. Evaluate and maintain an enterprise wide desktop-based Anti-Virus client and ensure that all clients have the most recent updates. 5. Server Controls and Encryption and Remote Access (SSL VPN) Control and maintain access to central server network shares as per requests from business. Control and maintain the server hardware and software environment.

Control and maintain electronic certificates for relevant server in the IT environment. Control, admin and provide data encryption to staff as per business requirement. Administer and maintain a remote access system (SSL VPN) users. 6. User Support Provide second line support to users with any Information Security related queries within the SLA time frame. Overseeing and providing advanced support on open issues (e.g. customer logged tickets, incidents, projects etc.) Assist in incident response for any breaches, intrusions, or theft Coach and guide Service desk and IT support in their incident response in regards to security, and appropriately escalating issues in-line with the service management processes and procedures Overseeing and providing advanced support on open issues (e.g. customer logged tickets, incidents, projects etc.) Assist the end-user, and IT in requesting security variances and implementation of subsequent configuration change requests 7. Ad hoc tasks Recommend best security practices to achieve business objectives, advises on risk assumptions for any variances granted, and provides alternatives to achieve desired end results Research identify and recommend improvement to capabilities and maturity of threat and vulnerability management strategy, policy, standards, processes, procedures and tools in order to deliver value to the business Maintains system documentation and configuration data for regulatory and audit purposes

QUALIFICATIONS and EXPERIENCE: Minimum requirements: A relevant diploma/degree in Information Communication Technology at NQF level 5/6 as recognized by SAQA. Relevant IT security certifications (CompTIA Security, ISO 27000 ect) Ideal and advantage: ITIL certificate ITIL Member of a professional body within ICT. Experience: 3-5 years IT security experience either in public or private environment. Proven track record of driving innovation in their Domain expertise area. Knowledge Cyber security controlling and monitoring Budget management Understanding relevant legislation Enterprise Architecture Understanding Sasria regulations, policies and procedures Cyber security tools & frameworks Attributes/values Analytical Detail oriented Assertive Business ethics, integrity and corporate governance Sound judgement Diplomatic Cultural sensitivity

Ability to establish and maintain harmonious working relationships with co-workers, staff and external contacts, and to work effectively in a professional team environment. Ability to work independently and under pressure Demographics A South African citizen of any gender, preference will be given to an EE candidate. Travelling and overtime Traveling will be required locally- when required. CLOSING DATE: 07 March 2018 CONTACT PERSON: careers@sasria.co.za

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback