Business Information Security Specialist

SUMMARY:

Our client an international gaming giant is seeking a Business Information Security Specialist who will primarily be responsible for line of business Information Security requirements, projects, and various operational activities, but may get involved and assist in company wide projects and initiatives from time to time. The successful individual will be responsible to assess information security risk in all aspects of their role and assist with the analysis, planning, implementation, maintenance, troubleshooting, and enhancement of security controls within their information technology systems. Daily responsibilities may include work on a diverse array of systems spanning traditional on premise and cloud IT infrastructures.

POSITION INFO:

Personal Specifications:

• Accountability and Execution
• Resilient
• Self-Starter
• Problem Solving
• Good logical and structural thinking.
• Collaborative Relationships
• Influences effectively
• Time management
• Adaptability / Flexibility
• Attention to detail
• Good sense for quality, teamwork, and innovation.
• Able to work independently or with limited assistance.

Desirable Criteria:

• Degree level qualification / CISSP / CISM or equivalent is desirable
• Working experience with Checkpoint / Splunk / Microsoft Azure Security Certifications would be highly beneficial.
• Experience on any of the following vendors and or technologies would be highly beneficial, F5, Checkpoint, Cisco, Endpoint Security Solutions, Splunk, Entrust, Observe IT, Microsoft Azure, Microsoft Systems, Red hat Linux, Microsoft SQL, Ansible etc.
• Proven security domain knowledge and/or subject matter expertise is advantageous.

Essential Criteria:

• Experience in consultative roles with mid to c level engagement experience.
• Proven track record in security service delivery.
• Ability to align to and deliver on business priorities while maintaining a affective security control posture.
• Significant/Relevant IT industry experience
• Proven security domain knowledge and/or subject matter expertise is advantageous
• Ability to manage multiple deadlines and perform under pressure

Duties include, but not limited to:

• Architects, designs, implements, maintains, and operates information system security controls and countermeasures.
• Analyses and recommends security controls and procedures in acquisition, development, and change management lifecycle of information systems, and monitors for compliance.
• Analyses and recommends security controls and procedures in business processes related to use of information systems and assets and monitors for compliance.
• Plan and coordinate in state ad-hoc and annual audits.
• Work with various internal and external stake holders to drive audit findings to closure.
• Design processes and implement systems to monitor systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities, and trends.
• Responds to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches; interacts and coordinates with third-party incident responders, including law enforcement.
• Design, deploy and administer authentication and access controls, including provisioning, changes, and deprovisioning of user and system accounts, security/access roles, and access permissions to information assets.
• Analyse trends, news and changes in threat and compliance environment with respect to organizational risk; advises organization management and develops and executes plans for compliance and mitigation of risk; performs risk and compliance self-assessments and engages and coordinates third-party risk and compliance assessments.
• Analyses and develops information security governance, including organizational policies, procedures, standards, baselines, and guidelines with respect to information security and use and operation of information systems.
• Develops and administers, or provides advice, evaluation, and oversight for, information security training and awareness programs.
• Work with various business stakeholders to solve various security challenges as they become known and visibility.
• Irrespective the nature of the engagement or problem at hand always be service oriented.

NB! This job is now closed. You can apply for other jobs by uploading your CV.