Security Analyst

Our client is seeking talented Information Security Analysts, to join Information and Cyber Security team. This is a role which plays a critical part in ensuring that the client derives value from its investment Information and Cybersecurity and reports to the Senior Manager Information and Cybersecurity Services in the Enterprise Infrastructure Services division.

Successful applicants will be responsible for evaluating and strengthening the security posture through continuous vulnerability, incident handling and security assessments. If you have the skills and are excited by all things cyber, then keep reading.

Responsibilities include:

• Monitoring the university’s network for information and cybersecurity anomalies
• Handling the entire lifecycle of your assigned security incidents from detection to resolution and root cause analysis
• Planning and implementing information and cybersecurity measures to protect computer systems, networks and data.
• Providing input to disaster recovery plans
• Performing risk assessments and recommending information and cybersecurity controls and technical measures (e.g., firewalls, data encryption)
• Recommending information and cybersecurity enhancements
• Developing and implementing information security related processes, systems, and services through project work
• Providing technical leadership for one or more information and cyber security systems and/or service components
• Contribute and participate in information security awareness drives and campaigns
• Develop and maintain security policies and procedures
• Engage with infrastructure, application support, and development teams to ensure security best practices
• Review existing and new technology architecture for data privacy and protection compliance
• Review existing and new technology to ensure it adheres to corporate information security standards.
• Work with information security engineering to ensure all security tools are deployed
• Educate and promote secure software development lifecycle
• Assess current technology architecture for vulnerabilities, weaknesses and for possible upgrades or improvement
• Assist with Ad hoc duties from time to time
• Assist with Projects as allocated by line manager

Qualification and experience:

• Relevant qualification at NQF level 7 and
• 10 years’ experience in enterprise ICT applications and infrastructure of which 5 years must be relevant current technical hands-on experience
Skills and competencies required
• Knowledge of (or at least a strong interest in and exposure to) information security concepts and technologies such as IDS, and endpoint security products, SIEM and SOAR platforms, web application firewalls, network security, computer security, digital forensics and vulnerability management methodology and tools
• Experience in handling the entire lifecycle of your assigned security incidents from detection to resolution and root cause analysis
• Knowledge and experience in implementing and configuring enterprise antivirus solutions (server and Desktop)
• Exposure to specialized IR processes such as reverse engineering, red/blue team exercises, forensics and investigations of data exfiltration and lateral movement
• System Administrator knowledge and working experience in Windows/Linux environments
• Fundamental knowledge and experience with Vulnerability and Patch Management within an Enterprise environment
• Experience providing security architecture guidance to systems administrators and developers
• Understanding of information security frameworks (e.g., ISO, NIST) and digital forensic methodologies and possible shortcomings they may have.
• Confidently and professionally interview/question users to determine or confirm root cause
• Communicate effectively with response and business partners
• Experience in providing status updates to executives and stakeholders in non-technical terms encompassing risk, impact, containment, remediation, etc
• An autonomous / self-managed work style

Advantageous Skills:

• Scripting and basic programming in PowerShell and Python.
• Building and monitor SIEM alerting and dashboards.
• Current Industry-recognized certifications e.g., Security+, CEH, CISA, CISSP, OSCP
• Working understanding of applicable legislation (security and privacy)
• Relevant NQF 8 qualification and/or experience in Higher Education is advantageous