Information System Security Specialist - Cape Town Verfied

R 473 286.98 – 788 811.63 per annum Cape Town, Western Cape Cape Town, Western Cape more than 14 days ago 20-05-2015 10:22:16 AM
02-06-2015 9:45:19 AM
Purpose of the job
To provide information security services to clients including risk management, compliance services, incident management and security development services.

Key Responsibility Areas
Analyse and communicate IT risks and their potential impact on business processes and goals; Monitor the application of policies for the preventive, detective and corrective measures; especially up-to-date security patches and virus control, to protect information systems and technology from malware - viruses, worms, spyware, spam, internally developed fraudulent; software, etc., and report on any deviations; Monitor the application of policy that ensures that security techniques and related; management procedures, e.g. firewalls, security appliances, network segmentation and intrusion detection, are used to authorize access and control information flow from and to Networks, and report on any deviations;

Monitor execution of risk and security action plans and report on any deviations; Perform security monitoring and periodic testing and reporting for identified security Weaknesses or incidents; Maintain and monitor a logging function that enables the early detection of unusual or abnormal activities that may need to be addressed; Monitor sensitive transaction data exchanged to ensure that this takes place only over a trusted path or medium with control to provide authenticity of content, proof of submission; proof of receipt, and non-repudiation of origin, and report on any deviations; Identify and document characteristics of existing and possible new potential security incidents and define impact levels; Recommend corrective action for identified security weaknesses or incidents; Proactively test and monitor IT security implementation and make recommendations for IT security accreditation and re-accreditation.

Qualifications and Experience
Minimum qualifications: National Diploma IT or equivalent; ICT Security Certificate or relevant certification (CISSP, IS27001/2). Experience:3-5 years ICT Infrastructure, Application development or IT Security experience.

Technical Competencies Description
Knowledge: Working knowledge of client business environment; Exposure to Enterprise architecture frameworks (TOGAF; Zachman; FEAF; MODAF; GWEA Framework; MIOS); Knowledge of Governance Processes and Standards (ISO 9001; ISO 27001/ 27002; ISO 12207 (SDLC); ISO 42010; COBIT; ITIL; UML); Exposure to Information System Security Technical Standards (e.g.: PKI, IAM, Cryptography); Detailed knowledge of the SOPs of the area/discipline the jobholder is works in (HR, Finance, IT, etc as well as how to apply it.

Skills: Team leadership skills; Analytical skills; Project management skills; Security developer; Security applications.

Closing date: 29 May 2015