Job Summary
Why Us?
The Information Technology and Digital Services tribe are a team of focused professionals who provide the full range of Information Technology and Digital Services to the organisation. The Information Technology and Digital Services requires the services of an Officer: Cybersecurity & Digital Information who meets the below criteria and can contribute successfully to the mission of the Client, based in the Western Cape.
Remuneration: R 732 576.75 (per annum cost to company)
Key responsibilities for the Officer: Cybersecurity & Digital Information are including, but not limited to:
- Assist with identifying and evaluating potential security risks to the Clients information assets.
- Develop and maintain information security policies and procedures that align with relevant laws, regulations, and industry standards.
- Provide cybersecurity training and awareness to employees, members of parliament and support staff to ensure they understand their role in maintaining the security of the Client’s information assets.
- Ability to conduct a robust security awareness program, with knowledge of the KnowBe4 platform.
- Communicate and collaborate with internal and external security providers to ensure that digital information security is integrated into all aspects of the client’s operations and according to best practice.
- Coordinate service requests and incident response activities with the SOC/SIEM managed service provider.
- Consult incident response plans that outline the steps to be taken in the event of a security incident and coordinate with the relevant stakeholders.
- Coordinating activities with respect to security technologies such as server hardening, firewalls, antivirus, email security, endpoint security and endpoint management.
- Perform compliance assessments and vulnerability assessments to ensure the Client’s assets and endpoints are secure. Skills to coordinate the Client’s vulnerability management for endpoints, servers, and network devices
- Ensuring that Client’s compliance with regulations and standards like NIST, ISO 27001, POPIA.
- Create, maintain, and report on Cybersecurity metrics
- Create and distribute monthly and quarterly security reports.
- Ensure adherence to approved security standards of the Client.
Experience required:
- A three-year tertiary qualification / B degree equivalent to NQF Level 7 in Information Technology or a related field
- 3 to 5 years Information security practice
- Relevant certification on the Microsoft Security Reference Architecture
- Working knowledge of information technology security configurations on the LAN/WAN infrastructure.
- Experience with endpoint protection: Microsoft Defender and Intune.
- Experience with governance processes and standards (COBIT, NIST and ITIL).
Technical Competencies
- Proficient as an internal Yellow and Purple Team Champion and effective in coordinating activities with external Blue and Red Team Service Providers.
- Exposure to information system security technical standards (SSL certificates, Anti-virus, Fortinet firewall, endpoint encryption and VLANs and backup and recovery solutions, Radius)
- Microsoft: Knowledge of SQL Database Security, MDE, MDI, Intune, Cloud Apps, Azure ATP, Active Directory, and Sentinel SIEM
- Knowledge of Information security management frameworks, such as ISO/IEC 27001, and NIST
- Knowledge of security services (Firewalls, Proxy’s, DNS, Mail relays like Mimecast.)
- Knowledge of security best practices and monitoring of systems and services hosted in the cloud (IaaS, SaaS).
Must display the following essential skills and competencies:
- Excellent communication and reporting skills
- Attention to detail
- Project management skills
- Time management skills
- Presentation skills
- Analytical skills
- Communication skills
- Knowledge and understanding of legislation and regulatory requirements regarding cybersecurity.
Additional Requirements & Information:
- Kindly submit a recently updated CV
- Copies of relevant qualification to be considered for the role
- Attach an originally certified copy of your ID
- Shortlisted candidates may be required to undergo psychometric assessments
- As part of the selection process, applicants will be vetted for security purposes
Please note that correspondence will be limited to shortlisted candidates. All applications and information received are treated in compliance with POPIA legislation. If you do not receive a response within thirty (30) days from the closing date of the advertisement, consider your application as unsuccessful.
Closing date for applications: 22 October 2024