IT Security Specialist Talent Pool

• Work with architects, system engineers and other IT support teams to define, guide, advise on security standards across the IT landscape, monitoring network activity to identify vulnerable points
• Design and configure security hardware and software
• Use the toolsets available to identify and detect intrusions on corporate network and endpoints; detect any unauthorized attempts to access the systems
• Solutionise by providing options for the IT network for enhancement to the security roadmap
• Train other employees on security best practices, mentoring to junior team members
• Monitor software and hardware for any possible cyber attacks
• Perform security assessments and conduct internal scanning on the network
• Analyze existing systems and make recommendations for changes or improvements
• Prepare reports, action plans and updating of the risk register
• Organize and conduct tests and “ethical hacks” of the existing company IT architecture
• Keep technical knowledge current through continuation of education
• Provide automation solutions as far as possible
• Serve as a security specialist and conduct training when required
• Draft policies, standard operating procedures and guidelines
• Prepare reports, action plans and updating of the risk register
• Be an active change advisory member by reviewing production changes
• Research and Design, benchmark, baseline exercises, trend analysis
• Align with enterprise’s security goals as established by its stated policies, procedures, and guidelines, and to actively work towards upholding those goals.

· 3 years’ experience in a Security role

· 5+ years in an Infrastructure Back-end support environment and Implementation and deployment of enterprise solutions

· Solid technical experience in Networking (LAN and WAN management, FW/Routers/Switches/Wifi/DHCP/DNS/DMZ/Edge/Segmentation etc).

· Essential understanding of the response required in a Security Operations Centre.

· Strong knowledge of design, test solutions, authentication methods, Windows, Apple & Linux operating systems, protocols, Data leakage, Mobile device management, endpoint, application, cloud solutions, identity and access management, penetration testing, web security, strong networking or Microsoft back-end experience.

· Scripting and knowledge of the NIST and SANS framework would be advantageous.

· Experience in Governance (POPI/Data Protection/PCI/Policy and Procedure) is required. Knowledge of current security risks and protocols, creation of policy, procedure and standards documentation.

· Management of a Security information and event management environment

· Design, test, implementation and support of vulnerability management solutions, authentication methods, email and collaboration tools

· Windows, Apple & Linux operating systems, protocols, Mobile device management, Intrusion Detection and Prevention software, network, perimeter, endpoint, application, cloud solutions, identity and access management, penetration testing

· Scripting and knowledge of the NIST and SANS framework would be a great advantage

· Knowledge of current security risks and protocols, creation of policy, procedure and standards documentation.

· Cloud security and controls

Relevant IT degree and certifications in 1 or more of the following:

· CompTIA Security+ CISSP

· GIAC

· Microsoft Certified Systems Engineer

· Microsoft Certified Azure Administrator

· AWS Engineer

· GSuite Engineer

· Associate of ISC

· Certified Cisco or Meraki Engineer