In this role the Information Security Specialist works with the Information Security Manager and Local IT Team Leaders to ensure that all security related services are functional to all sites, conduct regular internal compliance checks within the LIT Group ensuring LIT Group achieves and maintains PCI Compliance. 

WORK PERFORMED

• Assists the Information Security Manager in Group wide IT Projects required to achieve and maintain PCI DSS compliance.
• Assists the Information Security Manager in maintaining and enforcing the LIT IT & Security.
• Strategy across all locations.
• Maintain information security standards and procedures in compliance with agreed LIT information security and risk management policies, standards and guidelines.
• Responsible for the maintenance and support of security controls and user profiles as required by the functional teams.
• Help the business in participating in the security processes (application assessments, product certification, connectivity to the intranet and internet).
• Reports on defined IT / Business privacy and security metrics.
• Participates in business continuity planning, testing, and implementation.
• Participates in business continuity and disaster recovery planning, providing security, availability, integrity and confidentiality.
• Ensures that contingency and / or continuity information technology services remain compliant with policy and regulatory requirements.
• Maintain and log all firewall changes.
• Performs vulnerability scans, highlight scan results, generate report on the scan and JOB VACANCY recommends remedial action where deviations are identified.
• Monitors and coordinates audit trail (log) management and review.
• Monitors and coordinates Patch and Anti-Virus updates.
• Monitors local FWs and IPS Systems.
• Provide support to the Information Security Manager.
• Ensure compliance with IT standards and processes at all times.
• Other duties consistent with the position.

REQUIRED KNOWLEDGE, SKILLS AND EXPERIENCE

Prerequisites

• Tertiary Qualification or equivalent with relevant working experience.
• Minimum 2 years’ experience in a similar role preferable in a global company.
• Proven experience in working within a process driven environment.
• Proven experience in distributed Patch management systems, knowledge in Altiris Notification Server an advantage.
• Proven experience in enterprise controlled AV systems; knowledge Symantec Endpoint Protection (SEP) will be an advantage.
• Proven experience in Vulnerability Scanning products; knowledge in Symantec CCS Vulnerability Manager an advantage.
• Well-developed understanding of IT Enterprise Architecture
• Strong proficiency in English language (written and verbal) Advantages
• Preferable Management in Information Technology or Information Technology Auditing.
• Experience in maintaining and configuring firewalls will be an advantage
• Well-developed knowledge Network Analysing Tools such as Wire Shark
• Developed understanding of the ITIL Service Delivery Model
• Internal or external IT Auditing experience would be an advantage
• MCSE or other certification in IT Systems.
• CCNA, CCNP or other certification in Networking Area would be an advantage
• CISSP, CISA or other certification in Security Area would be an advantage
• Knowledge of Information Security and PCI
• Proficiency in German language would be an advantage (written and verbal)

PERSONAL COMPETENCY REQUIREMENTS

• Excellent written and verbal communication skills
• Highly developed planning and organizational skills
• Well-developed problem solving skills
• Flexible, self-motivated and proactive.
• An ability to implement processes and procedures as defined by management
• Can work under pressure in a fast paced and changing environment.
• Willing to work occasionally out of business hours due to project or incident related issues.

ADDITIONAL INFORMATION

• The position is offered in fulltime, on a temporary contract for 3 years and is based in Cape Town.