3 weeks ago
Job title : Senior Officer: Cybersecurity
Job Location : Gauteng, Centurion
Deadline : November 10, 2024
Quick Recommended Links
Key Performance Areas
Create and Manage Documented Standards, Processes and Procedures
- Ensure compliance with ICT security standards, processes, and procedures for both systems and applications.
- Develop and update necessary documentation to support system and application security measures.
- Support regular reviews of these standards, processes, and procedures.
- Aid in the creation and upkeep of various documentation, including business recovery plans, technical standards and procedures.
Security Solutions Implementation and Maintenance
- Develop and implement security procedures, and standards to safeguard company assets and data.
- Manage and administer common security tools such as Data Loss Prevention (DLP), Antivirus software, and Cloud Security Tools like Cloud Access Security Broker (CASB).
- Conduct regular security assessments and audits to identify vulnerabilities and assess the effectiveness of existing security controls.
- Collaborate with IT teams to design and implement security measures for new systems and applications.
- Provide guidance and support to internal teams on security-related matters, including incident response and security awareness training.
- Stay abreast of industry trends, emerging threats, and best practices in cybersecurity to continuously improve RAF security posture.
Security Monitoring
- Monitors networks and analyses intrusions using various tools like Intrusion Detection/ Prevention Systems (IDS/ IPS), firewalls, and Host-Based Security System (HBSS).
- Identifies unauthorised usage trends by correlating network activity across different networks.
- Reviews alerts and sensor data, then compiles technical incident reports.
- Research emerging threats and vulnerabilities to aid in detecting network incidents.
- Offers incident response support to network subscribers, including implementing containment actions and facilitating forensics analysis as needed.
- Conducts pre-implementation testing on new computers, software, switch hardware, and routers to ensure security.
- Assists in developing business continuity/disaster recovery plans, conducts disaster recovery tests, publishes results, and implements necessary changes to address any deficiencies.
2nd Level Support on Cybersecurity Incidents
- Responds and resolves reported security incidents
- Responds to and, where appropriate, resolves or escalates reported security service requests
- Monitors system logs from the SIEM and other network traffic for unusual or suspicious activity. Interprets such activity and makes recommendations or escalate for resolution
- Collates security incident and event data to produce monthly exception and management reports.
- Investigates and resolves security violations by providing postmortem analysis to illuminate the issues and possible solutions
Implement Security Controls Across Applicable RAF Systems and Networks
- Verify all requests and changes are correctly authorised before implementation.
- Ensure that the implementation of controls follow the RAF change control procedure.
- Participate in identifying potential security violations, segregation of duties and risks prior to and post implementation of controls.
- Operate and administer ICT security control solutions to ensure that systems and applications are protected against security threats and vulnerabilities.
- Adhere to processes and procedures to ensure that security solutions under your control are always functioning correctly.
ICT Security Awareness
- Participate and assist with the development of Information Security awareness programs within the RAF.
- Participate and assist with awareness by appropriate means such as, employee briefings, intranet, newsletters, and road shows.
- Handle enquiries relating to ICT security and escalate where you are unable to assist.
Monitoring, Reviewing and Reporting on ICT Security
- Participate with all monitoring, reviewing and reporting activities for systems and applications under your control.
- Participate in defining and implementing processes and procedures to ensure monitoring, reviewing and reporting activities are performed as agreed.
- Provide quality and accurate inputs for reports as agreed.
- Participate in monitoring ICT systems and applications changes to security controls and applicable security breaches/incidents and compliance status.
- Provide inputs for periodic reports on systems and applications under your control.
- Provide recommendations for appropriate security control improvements, introduction of new security controls.
Auditable Record Keeping
- Participate and assist with defining and implementing processes and procedures to ensure that auditable records are kept for all security activities for which the teams are responsible.
- Participate and assist in maintaining all records.
Reporting
- Track and report against set objectives and targets.
- Report on emerging risks.
- Provide ad hoc reports on process improvement initiatives.
Stakeholder Management
- Maintain healthy relationships with all stakeholders.
- Follow up and resolve all queries, following up and making recommendations on which corrective actions are appropriate.
- Follow up and feedback to all stakeholders to keep them updated on the status of a query.
- Respond to queries within the predefined turnaround times.
Audit Recommendation Analysis and Implementation
- Participate and assist in defining and implementing processes and procedures to ensure that audit recommendations are:
- analysed before implementation thereof.
- are properly authorised and implemented within the time schedules agreed.
- Assist in implementing recommended changes as per audit
- Participate and assist in reporting the status of recommendation analysis and implementation regularly to management.
Qualifications and Experience
- Bachelor’s Degree/ Advanced Diploma in Information Technology related qualification.
- Certifications such as Security +, CISSP CEH Cybersecurity Practitioner Certification are advantageous.
- Relevant 4 years’ experience in an ICT Security related environment.
- Experience in developing, documenting and maintaining security procedures.
How to Apply for this Offer
Interested and Qualified candidates should Click here to Apply Now
- ICT jobs