IT Systems Analyst (Developer / Security) needed at Santam Insurance

KEY RESPONSIBILITIES

Security Analysis and Monitoring

• Analyse and assess security measures within the organization’s IT systems. 
• Monitor security alerts and incidents, conduct investigations, and provide timely response to security events. 
• Collaborate with the incident response team to identify and mitigate security incidents. 

Vulnerability Assessment

• Perform regular vulnerability assessments and penetration testing on IT systems to identify and address potential security weaknesses. 
• Work with system administrators and other stakeholders to remediate identified vulnerabilities. 

Security Implementation

• Implement and configure security solutions, including firewalls, intrusion detection/prevention systems, antivirus software, and encryption tools. 
• Ensure the proper configuration and maintenance of security technologies to maximize effectiveness. 

Security Policy and Compliance

• Assist in the development, implementation, and enforcement of information security policies and procedures. 
• Conduct regular audits to ensure compliance with security policies and industry regulations. 
• Provide guidance to other departments to ensure security practices align with established policies. 
• Incident Response
• Participate in incident response activities, including forensic analysis, root cause determination, and documentation. 
• Contribute to the development and improvement of incident response plans. 

Security Awareness and Training

• Contribute to security awareness programs by developing training materials and conducting sessions for employees. 
• Stay informed about the latest security threats and trends to update training programs accordingly. 

Documentation and Reporting

• Maintain comprehensive documentation related to security configurations, incident reports, and risk assessments. 
• Generate regular reports on the security status, incidents, and performance of security systems. 

Collaboration and Communication

• Collaborate with IT teams, system administrators, and other stakeholders to integrate security measures seamlessly into IT processes. 
• Communicate security risks and recommendations to technical and non-technical audiences effectively. 

QUALIFICATIONS AND EXPERIENCE

• Bachelor’s degree in information security, Computer Science, or a related field.
• Professional certifications such as CISSP, CISM, or equivalent. 
• 10 years of development experience with at least 3 years of information security experience.
• Proven experience in information security, including security analysis, vulnerability assessment, and incident response. 
• At least three years’ experience in security technology tools like Firewalls, Intrusion Detection Systems (IDS), and Intrusion Prevention Systems (IPS), Antivirus and Antimalware Software, Security Information and Event Management (SIEM), QRadar, and ArcSight, Data Loss Prevention (DLP), Endpoint Security, Encryption Tools, Identity and Access Management (IAM), Nessus, Qualys, SCCM, and DevSecOps.