IT Security Specialist: Talent Pool - Mr Price Group

JOB RESPONSIBILITIES

• Work with architects, system engineers and other IT support teams to define, guide, and advise on security standards across the IT landscape, monitoring network activity to identify vulnerable points
• Design and configure security hardware and software
• Use the toolsets available to identify and detect intrusions on corporate networks and endpoints; detect any unauthorized attempts to access the systems
• Solutionise by providing options for the IT network for enhancement to the security roadmap
• Train other employees on security best practices, mentoring to junior team members
• Monitor software and hardware for any possible cyber attacks
• Perform security assessments and conduct internal scanning on the network
• Analyze existing systems and make recommendations for changes or improvements
• Prepare reports, and action plans and update the risk register
• Organize and conduct tests and “ethical hacks” of the existing company IT architecture
• Keep technical knowledge current through the continuation of education
• Provide automation solutions as far as possible
• Serve as a security specialist and conduct training when required
• Draft policies, standard operating procedures and guidelines
• Prepare reports, action plans and updating of the risk register
• Be an active change advisory member by reviewing production changes
• Research and Design, benchmark, baseline exercises, trend analysis
• Align with enterprise’s security goals as established by its stated policies, procedures, and guidelines, and to actively work towards upholding those goals.

REQUIREMENT

• 3 years’ experience in a Security role
• 5+ years in an Infrastructure Back-end support environment and Implementation and deployment of enterprise solutions
• Solid technical experience in Networking (LAN and WAN management, FW/Routers/Switches/Wifi/DHCP/DNS/DMZ/Edge/Segmentation etc).
• Essential understanding of the response required in a Security Operations Centre.
• Strong knowledge of design, test solutions, authentication methods, Windows, Apple & Linux operating systems, protocols, Data leakage, Mobile device management, endpoint, application, cloud solutions, identity and access management, penetration testing, web security, strong networking or Microsoft back-end experience.
• Scripting and knowledge of the NIST and SANS framework would be advantageous.
• Experience in Governance (POPI/Data Protection/PCI/Policy and Procedure) is required. Knowledge of current security risks and protocols, creation of policy, procedure and standards documentation.
• Management of a Security information and event management environment
• Design, test, implementation and support of vulnerability management solutions, authentication methods, email and collaboration tools
• Windows, Apple & Linux operating systems, protocols, Mobile device management, Intrusion Detection and Prevention software, network, perimeter, endpoint, application, cloud solutions, identity and access management, penetration testing
• Scripting and knowledge of the NIST and SANS framework would be a great advantage
• Knowledge of current security risks and protocols, creation of policy, procedure and standards documentation.
• Cloud security and controls

Soft Skills

•  An analytical mind with excellent problem-solving ability
• Strong communication and organization skills
• Strong Decision-making skills
• High-performance individual
• Ability to work under pressure
• Team Player with a great attitude

QUALIFICATIONS

Relevant IT degree and certifications in 1 or more of the following:

• CompTIA Security+ CISSP
• GIAC
• Microsoft Certified Systems Engineer
• Microsoft Certified Azure Administrator
• AWS Engineer
• GSuite Engineer
• Associate of ISC
• Certified Cisco or Meraki Engineer