IT Security Analyst - City Of Johannesburg Metro
Salary Negotiable
City Of Johannesburg Metro,
Gauteng
more than 14 days ago
IT Security Analyst
Role Purpose
Security and Penetration Testing ensuring applications are secure.
Responsibilities
Performs security review focussed on testing of major software components and their code.
Utilise tools and technologies to conduct ethical hacking and penetration testing with emphasis on custom developed web applications.
Analysis of test results and report on recommendations to rectify any vulnerabilities identified.
Ensuring compliance to security standards within the business unit and within the organisation
Consulting to projects in terms of identifying risks, vulnerabilities and controls for new developments.
Identifying significant risks during the software development test cycle and implementing controls to mitigate these risks
Research and assist in the implementation of security products within the organisation where appropriate.
Functional and technical test analysis and testing (including regression) on security specific projects, incidents and work requests
Weekly reporting on test progress
Research and understand security best practices and how they are implemented in a corporate environment
Maintains current knowledge of the Information Systems security industry’s emerging technologies Administration of Technical and Procedural Compliance tool, including Technical Standards, Policy Manager and Assessment Manager
Actively participate in daily operational compliance tasks
Resolution of Incident/problem/request logs within contracted SLA targets and working with Help Desk Analysts to ensure users are regularly updated; ensuring client satisfaction
Provide regular, measurable feedback on system health and overall operations; create and deliver regular feedback/status reports as and when required
Complete technical and process documentation to current standards and contributing to revisions where necessary as well as disaster recovery and Business Continuity planning
Perform standby and after hour security support for production systems
Ensure that all policies, configurations and optimisation settings are completed in accordance with industry Best Practices
Participate in the assessment, identification, evaluation and deployment phases of the security update process as released
Qualifications and experience:
5+ years’ IT experience with at least 2 years in security or compliance
National diploma in IT or equivalent qualification / IT Degree preferred and Security qualification e.g. OPST, CISSP, preferred
Knowledge of enterprise compliance concepts such as, technical, policy and procedural compliance
General IT Security awareness
Working knowledge of MS Office (Word and Excel)
Preference will be given to applicants who are technically certified on Control Compliance Suit, Any network and security certification and experience in architecting large scale security solutions
Expert knowledge of and experience with security tools / techniques (e.g. passwords, encryption/decryption, digital signatures, web form manipulation etc)
Expert (SME) in security testing tasks, techniques, and tools
Knowledge of the client’s business and application domain
Role Purpose
Security and Penetration Testing ensuring applications are secure.
Responsibilities
Performs security review focussed on testing of major software components and their code.
Utilise tools and technologies to conduct ethical hacking and penetration testing with emphasis on custom developed web applications.
Analysis of test results and report on recommendations to rectify any vulnerabilities identified.
Ensuring compliance to security standards within the business unit and within the organisation
Consulting to projects in terms of identifying risks, vulnerabilities and controls for new developments.
Identifying significant risks during the software development test cycle and implementing controls to mitigate these risks
Research and assist in the implementation of security products within the organisation where appropriate.
Functional and technical test analysis and testing (including regression) on security specific projects, incidents and work requests
Weekly reporting on test progress
Research and understand security best practices and how they are implemented in a corporate environment
Maintains current knowledge of the Information Systems security industry’s emerging technologies Administration of Technical and Procedural Compliance tool, including Technical Standards, Policy Manager and Assessment Manager
Actively participate in daily operational compliance tasks
Resolution of Incident/problem/request logs within contracted SLA targets and working with Help Desk Analysts to ensure users are regularly updated; ensuring client satisfaction
Provide regular, measurable feedback on system health and overall operations; create and deliver regular feedback/status reports as and when required
Complete technical and process documentation to current standards and contributing to revisions where necessary as well as disaster recovery and Business Continuity planning
Perform standby and after hour security support for production systems
Ensure that all policies, configurations and optimisation settings are completed in accordance with industry Best Practices
Participate in the assessment, identification, evaluation and deployment phases of the security update process as released
Qualifications and experience:
5+ years’ IT experience with at least 2 years in security or compliance
National diploma in IT or equivalent qualification / IT Degree preferred and Security qualification e.g. OPST, CISSP, preferred
Knowledge of enterprise compliance concepts such as, technical, policy and procedural compliance
General IT Security awareness
Working knowledge of MS Office (Word and Excel)
Preference will be given to applicants who are technically certified on Control Compliance Suit, Any network and security certification and experience in architecting large scale security solutions
Expert knowledge of and experience with security tools / techniques (e.g. passwords, encryption/decryption, digital signatures, web form manipulation etc)
Expert (SME) in security testing tasks, techniques, and tools
Knowledge of the client’s business and application domain
Recruiter: Execucruit