Specialist Secure by Design

 

Recruiter:

A 1L Realization (Pty) Ltd

Job Ref:

JHB000264/VB

Date posted:

Friday, August 5, 2022

Location:

Midrand, South Africa


JOB SUMMARY:
Our client in the Telecommunications sector requires a Specialist Secure by Design for a 12 months contract.

JOB DESCRIPTION:

Role purpose: The primary purpose of the role is to work within a team of Secure by Design and Security Architecture specialists, in collaboration with the Privacy and Business Risk Teams to Perform Secure by Design Assessments against Client’s policies and standards. In performing this role you will:

  1. Identify potential cyber security risks for new products, services and operations and identify controls to minimise, mitigate or remove those privacy and security risks;
  2. Review Design and implementation of the identified controls to ensure they are built into the product (at Design & Build stages);
  3. Provide assurance that privacy and security controls have been implemented before the product goes “live” and product complies with Client Security requirements and applicable laws (at Test & Go-Live stages);
  4. Assess security and privacy risks arising from changes to existing live products that impact the processing of personal data (In-Life); and
  5. Ensuring security and privacy risks are addressed when decommissioning these products (Decommissioning).

You will also be required to drive the delivery of Cyber Security strategy and maturity improvement or risk reduction initiatives into the business unit(s) to which you will be assigned, monitor progress against agreed targets with the objective of safeguarding Client Infrastructure and customer data from Cyber threat actors. This role will involve working with Busines unit, Cyber and IT stakeholders South Africa to drive out Cyber Security baseline requirements – Some of these responsibilities may extend to collaboration with Group Cyber Security and other operating companies to ensure that cyber security controls are consistently applied across markets.


Key accountabilities and decision ownership:

  • Provide technology security assurance, guidance and support to high profile projects.
  • Ensure security is embedded in IT System and Network Infrastructure (Mobile, IS and Enterprise).
  • Defining, implementing, and efficiently maintaining technology security controls and requirements.
  • Ensure timely delivery of technology security assurance and support for projects, products and services.
  • Ensure compliance with Legal and Regulatory requirements.
  • Support Technology Security awareness programs and educational efforts within the business unit to which you are assigned.
  • Provide accurate and timely reporting of technology security risks identified during secure by design assessments, project engagement and propose remediation and mitigation options in line with policy and good practice
  • Fulfil key customers’ obligations and stakeholders’ expectation.
  • Ensure financial efficiency in Tech Security Solutions.
  • Ensure compliance with the applicable legislative and regulatory interpretation and corporate risk appetite.
  • Engage with the stakeholders on compliance to control effectiveness and deficiencies in the design and operating effectiveness of information security controls, design and recommend opportunities for continuous improvement.
  • Manage and conduct formal information security risk analyses, reviews, tests, audits and/or self-assessments.
  • Design appropriate remedial actions for identified risks, drive remediation of findings and management of risks and exemptions.
  • Assist to compile a report of information security risks in an appropriate way for different audiences.
  • Develop, manage and maintain an information security incident management capability.
  • Collaborate with various key stakeholders, and provide information security advice to stakeholders.
  • Together with CSO team advise on Security decisions for the Agile Team to which you have been assigned and guide the identified Security Champions to imbed security within the CI/CD pipeline.

Core competencies, knowledge and experience:
  • 3 year Technical Diploma/Degree in Information Security, Computer Science or Engineering
  • An industry certification. The CISSP is strongly preferred, however CCSP, OSCP, CISM, CISA or other relevant certifications will be considered. Security/IT Architecture qualifications such as SABSA, TOGAF etc and relevant security architecture experience will be an added advantage.
  • Minimum of 3-5 years of experience in Cyber Security role.
  • Knowledge of common information technology management / compliance frameworks such as ISO/IEC 27001, NIST CSF, ISF, PCI DSS, OWASP, SANS etc.
  • A deep understanding of Technology Security risks and mitigating solutions.
  • A diverse security background with knowledge and experience in three or more of the Security Domains including: Security Assessment and Testing; Software Development Security; Security Governance and Risk Management; Security Architecture and Engineering; Communication and Network Security; Identity and Access Management; Security Operations; Asset Security.
  • Specialist experience in Either DevSecOps, Application Security, Security Architecture or Offensive Security will be an added advantage.
  • Knowledge of operating systems such as Windows and Linux and how to secure them
  • Knowledge of and/ or experience in creating and managing DevSecOps pipelines practicing CSA, SAST, DAST, and Security as Code will be an added advantage
  • Be well-versed in at least one of the programming languages like Java, PHP, Python, Ruby, and Perl so as to collaborate competently with software engineering teams within the organization to identify and implement opportunities for improvement and automation in the CI/CD pipeline.
  • Knowledge of Cloud and container technologies such as AWS/GCP/Azure, Docker, Kubernetes, and how to implement developer tools such as GitHub and Dependency management will be an added advantage.
  • Knowledge of configuration management tools such as Chef, Puppet, and Ansible will be an added benefit.
  • Ability to work under time and resource pressure
  • An ability and desire to collaborate and communicate with a broad set of stakeholders.
  • A customer-focused, responsive, and transparent attitude.

 

NB! This job is now closed. You can apply for other jobs by uploading your CV.


 

 

 

Similar jobs you might be interested in:

Microsoft SAM Specialist / Software Asset Management Specialist
Location: Centurion
Salary: Market related
managing and optimizing the purchase, deployment, maintenance, utilization, and disposal of software
6 days ago


Electro-mechanical Fitters / Diesel Mechanics - to work in Ireland
Location: Johannesburg
Salary:
Our client in Ireland is in the Plant Hire (heavy construction equipment and vehicles)  industry and is seeking to employ suitably qualified Heavy Construction Vehicle (Electro-mechanical) Fitters and Heavy Diesel Mechanics from South Africa.The positions are based in various towns including Dublin. Role PurposeTo assist the branch in the maintenance, repair and management of branch-base...
8 days ago


Cybersecurity Specialist
Location: Johannesburg
Salary:
Our client is looking for a talented Cybersecurity specialist to join their team and contribute to the development of secure software solutions while ensuring compliance with emerging cybersecurity standards from the US and Europe, including ad hoc client cybersecurity requirements. This role will primarily focus on secure Software Development (SGD) and contribute to enhancing their CI/CD developm...
9 days ago


Pr Eng Electrical Engineer
Location: Midrand
Salary: 600 000 Annually
Pr Eng Electrical Engineers, with 3 years' experience, look no further as this is your new career.
19 days ago


Senior C# Software Engineer – Bedfordview (in-office) – up to R1m Per Annum
Location: Johannesburg
Salary: 1 000 000
Senior C# Software Engineer – Bedfordview (in-office) – up to R1m Per Annum
19 days ago


Senior C# Developer (Back End) – Centurion (Hybrid) – up to R1 Million
Location: Pretoria
Salary: 1 000 000
Senior C# Developer (Back End) – Centurion (Hybrid) – up to R1 Million
27 days ago


Senior Quality Assurance Technician
Location: Boksburg
Salary: Market related
To ensure effective quality assurance through the effective execution of raw materials quality
27 days ago


Financial Planner
Location: Johannesburg
Salary: Commission + Incentives + Allowances
Financial Advisor
28 days ago


Cybersecurity Specialist
Location: Centurion
Salary:
Our client is looking for a talented Cybersecurity specialist to join their team and contribute to the development of secure software solutions while ensuring compliance with emerging cybersecurity standards from the US and Europe, including ad hoc client cybersecurity requirements. This role will primarily focus on secure Software Development (SGD) and contribute to enhancing their CI/CD developm...
10 days ago


Create a free job alert for Specialist Secure by Design in Midrand

Enter your email address below and we will email you similar jobs when they become available:

You can cancel at any time. We will not spam you.
By giving us your email address your agree to our Terms and Conditions

 

Jobseekers

Register your CV
Search jobs
Job alerts
CV writing
Blog

Recruiter

Advertise jobs
Search the CV database
How to Write a Job Description

General

Company a-z
Partners
About us
Disclaimer
Terms and conditions
Privacy policy
Cookie policy
POPIA manual
Unsubscribe
Site Map

© Copyright 2024 Executive Placements. All Rights Reserved.