Senior Officer: Cybersecurity needed at Road Accident Fund

Save 3 weeks ago

Job title : Senior Officer: Cybersecurity

Job Location : Gauteng, Centurion

Deadline : November 10, 2024

Quick Recommended Links

Key Performance Areas

Create and Manage Documented Standards, Processes and Procedures

  • Ensure compliance with ICT security standards, processes, and procedures for both systems and applications.
  • Develop and update necessary documentation to support system and application security measures.
  • Support regular reviews of these standards, processes, and procedures.
  • Aid in the creation and upkeep of various documentation, including business recovery plans, technical standards and procedures.

Security Solutions Implementation and Maintenance

  • Develop and implement security procedures, and standards to safeguard company assets and data.
  • Manage and administer common security tools such as Data Loss Prevention (DLP), Antivirus software, and Cloud Security Tools like Cloud Access Security Broker (CASB).
  • Conduct regular security assessments and audits to identify vulnerabilities and assess the effectiveness of existing security controls.
  • Collaborate with IT teams to design and implement security measures for new systems and applications.
  • Provide guidance and support to internal teams on security-related matters, including incident response and security awareness training.
  • Stay abreast of industry trends, emerging threats, and best practices in cybersecurity to continuously improve RAF security posture.

Security Monitoring

  • Monitors networks and analyses intrusions using various tools like Intrusion Detection/ Prevention Systems (IDS/ IPS), firewalls, and Host-Based Security System (HBSS).
  • Identifies unauthorised usage trends by correlating network activity across different networks.
  • Reviews alerts and sensor data, then compiles technical incident reports.
  • Research emerging threats and vulnerabilities to aid in detecting network incidents.
  • Offers incident response support to network subscribers, including implementing containment actions and facilitating forensics analysis as needed.
  • Conducts pre-implementation testing on new computers, software, switch hardware, and routers to ensure security.
  • Assists in developing business continuity/disaster recovery plans, conducts disaster recovery tests, publishes results, and implements necessary changes to address any deficiencies.

2nd Level Support on Cybersecurity Incidents

  • Responds and resolves reported security incidents
  • Responds to and, where appropriate, resolves or escalates reported security service requests
  • Monitors system logs from the SIEM and other network traffic for unusual or suspicious activity. Interprets such activity and makes recommendations or escalate for resolution
  • Collates security incident and event data to produce monthly exception and management reports.
  • Investigates and resolves security violations by providing postmortem analysis to illuminate the issues and possible solutions

Implement Security Controls Across Applicable RAF Systems and Networks

  • Verify all requests and changes are correctly authorised before implementation.
  • Ensure that the implementation of controls follow the RAF change control procedure.
  • Participate in identifying potential security violations, segregation of duties and risks prior to and post implementation of controls.
  • Operate and administer ICT security control solutions to ensure that systems and applications are protected against security threats and vulnerabilities.
  • Adhere to processes and procedures to ensure that security solutions under your control are always functioning correctly.

ICT Security Awareness

  • Participate and assist with the development of Information Security awareness programs within the RAF.
  • Participate and assist with awareness by appropriate means such as, employee briefings, intranet, newsletters, and road shows.
  • Handle enquiries relating to ICT security and escalate where you are unable to assist.

Monitoring, Reviewing and Reporting on ICT Security

  • Participate with all monitoring, reviewing and reporting activities for systems and applications under your control.
  • Participate in defining and implementing processes and procedures to ensure monitoring, reviewing and reporting activities are performed as agreed.
  • Provide quality and accurate inputs for reports as agreed.
  • Participate in monitoring ICT systems and applications changes to security controls and applicable security breaches/incidents and compliance status.
  • Provide inputs for periodic reports on systems and applications under your control.
  • Provide recommendations for appropriate security control improvements, introduction of new security controls.

Auditable Record Keeping

  • Participate and assist with defining and implementing processes and procedures to ensure that auditable records are kept for all security activities for which the teams are responsible.
  • Participate and assist in maintaining all records.

Reporting

  • Track and report against set objectives and targets.
  • Report on emerging risks.
  • Provide ad hoc reports on process improvement initiatives.

Stakeholder Management

  • Maintain healthy relationships with all stakeholders.
  • Follow up and resolve all queries, following up and making recommendations on which corrective actions are appropriate.
  • Follow up and feedback to all stakeholders to keep them updated on the status of a query.
  • Respond to queries within the predefined turnaround times.

Audit Recommendation Analysis and Implementation

  • Participate and assist in defining and implementing processes and procedures to ensure that audit recommendations are:
  • analysed before implementation thereof.
  • are properly authorised and implemented within the time schedules agreed.
  • Assist in implementing recommended changes as per audit
  • Participate and assist in reporting the status of recommendation analysis and implementation regularly to management.

Qualifications and Experience

  • Bachelor’s Degree/ Advanced Diploma in Information Technology related qualification.
  • Certifications such as Security +, CISSP CEH Cybersecurity Practitioner Certification are advantageous.
  • Relevant 4 years’ experience in an ICT Security related environment.
  • Experience in developing, documenting and maintaining security procedures.

How to Apply for this Offer

Interested and Qualified candidates should Click here to Apply Now

  • ICT jobs

Share this job