• Login Name       Password       Remember me       LOGIN LOGIN    FORGOT PASSWORD
  • REGISTER

 LOGIN WITH
 
 
 
 
 EMPLOYERS
 
 
 
 
 
 NEWSLETTER
 
 
 
 
 FOLLOW US

Crypto Support Engineer

Job Ref
244869
Job Type
Permanent
Employer Type
Company
Date Added 19 Mar 2015
Expiry Date 16 Apr 2015
* There have been 41 applications to this job.
* This job has been viewed 5669 times.
Employer:
Absa Group 1

Location:
Gauteng

Salary:
Market related

Benefits:


Role details:
Risk and Control Objective:

Ensure that all activities and duties are carried out in full compliance with regulatory requirements, Enterprise Wide Risk Management Framework and internal Barclays Policies and Policy Standards
Understand and manage risks and risk events (incidents) relevant to the role.
- - - - - - - - - - - - - -
Overall Job Purpose:

Provide support and advice in relation to cryptographic services used within Absa. This includes the execution of key and certificate management process and controls.
This role is for a Senior Crypto Engineer who will be responsible for shaping the strategy for and delivering core Crypto information security technologies for use across Barclays Afri¢a.

Key accountabilities of this job holder will be:

Lead and own the evaluation, design and delivery of major new Crypto security technologies across Barclays Africa.
Using technical experience and knowledge of the Barclays group business and processes, produce innovative solutions designed to improve the Group’s information security posture, increase operational efficiencies and reduce operational costs
Manage the Crypto information security technology strategy, showing appreciation for the challenges presented by different business units and geographies making up the whole of Barclays group, and work with other technology architects to ensure alignment to broader architecture strategies.
Lead virtual teams of security and technical specialists to integrate existing Crypto security technologies that have been independently deployed into different business units, ensuring the delivery of a single, high-quality, cost-effective solution that can support all Barclays Africa’ businesses.

Manage the Cryptography technology strategy (15%):

Develop and maintain the security strategy for Cryptography technology portfolios.
Liaise with the Global security architecture team to ensure that the core security technology product strategies align with the broader security domain strategy.

Lead and own the evaluation, design and delivery of major new Crypto technologies (15%):

Compile high-level requirements from teams across GIS and GTIS to create specific requirements for new Crypto technologies capabilities.
Lead vendor product analysis including the management of RFP, evaluation and proof of concept processes in order to select new products that best meet the agreed requirements and Barclays Africa operational model.
Build compelling business cases for new information security services highlighting benefits, financial analysis, dependencies, risks and issues.
Present business cases and project proposals to senior stakeholders, using influencing and negotiation skills to gain buy-in and budgetary commitment.
Plan, initiate and manage technology projects to deploy new security services. the projects must include the development of effective, sustainable processes as well as the implementation of new technologies.

Support on Crypto hardware (20%):

Receive approved change request from business unit on ServiceNow e.g. if an infrastructure change is required or if infrastructure needs to be upgraded with new functionalities and arrange for appropriate custodians to be available to perform upgrade.
Initialise the key loading of infrastructure by receiving notification of upgrade to effectively ensure compliance with Visa and MasterCard standards and requirements.
Build and configure devices e.g. Thales, HSM(Hardware Security Module), Thales P3 and nCipher by loading operating system, ensuring patches are loaded, antivirus support is in place and ensure compliance to Visa and MasterCard standards and requirements.
Maintain Crypto Hardware to effectively maintain all crypto infrastructure to ensure that they are on the latest patches and software
Troubleshoot and establish faults by investigating hardware to resolve any arising issues and

Establish keys on Crypto hardware by extracting key from safe if keys have been lost or if software or firmware has been reloaded. Reload new keys on software or firmware.
Decommission Crypto Hardware Infrastructure by removing the logical keys, clearing the database and memory in the event of new hardware or to replace faulty infrastructure. Remove from network and power down.
Destruct physical Crypto devices or hardware infrastructure by shredding it at a vendor because crypto hardware and devices are classified as a secure infrastructure and must be safely disposed of.
Monitor all Crypto devices to ensure compliance to security standards by SNMP (Unknown Monitoring Protocol) traps and alerts.

Key lifecycle management (20%):

Ensure effective key generation management services to business by key generation, key replacement, key renewal, key decommissioning and key destruction according to Visa and MasterCard requirements and Barclays Security Standards.
Ensure security and compliance controls are met when creating, replacing, decommissioning and destroying keys as per specified Absa, MasterCard and Visa requirements.
Interface to Visa and MasterCard to establish a secure link via email, courier documentation, registration of key and / or BINs.
Interface with Reserve Bank to establish secure treasury link by supporting key infrastructure.

Public Key Infrastructure & Certificate management (20%):

Outputs to deliver this accountability:
Implement and manage PKI by configuring hardware to ensure secure issuing of all certificates.
Issue new SSL (Secure Socket Layer) certificates by actioning requests to secure websites e.g. internet banking.
Renew SSL certificates after validity expiration by replacing with a new generated certificate.
Create and manage new domain names to issue certificates under, when creating a new website by registering with Internet Solutions (IS) and enrol the domain name on SSL Certificate Authority.

Business management (5%)
Outputs to deliver this accountability:

Obtain a thorough understanding of the business unit’s strategy and explain it to team members in such a way that they understand the contribution they have to make.
Conduct basic statistical analysis to track performance variances and determine the root causes of errors. Make recommendations for productivity or process enhancements to process owners.
Implement productivity improvement measures by coaching staff on any new processes or on their areas for improvement.
Populate balanced scorecards for the specific department on a monthly basis. Work with the team to address shortcomings during the next month. Escalate any major issues identified to the next level manager.
Participate in the measurement and reporting of internal and external Service Level Agreements on a monthly basis.
Address any process failures specific to the department under management.

Risk management (5%)
Outputs to deliver this accountability:

Ensure that all the processes and controls are adhered to by verifying that the steps are followed as per defined process.
Test a sample of activities on a weekly basis by reviewing documentation and checking work completed to see if control requirements are being adhered to. Advise management of the status of the controls and any remediation activities needed.
Provide evidence/supporting documents to auditors or management assurance consultants during formal reviews.
Review process and procedures used within Crypto Support area by incorporating policies and legislative changes as these changes occur.
Perform all other duties as reasonably assigned.
After hours support and Standby required.

Education and Experience Required:

NGF level 6: B Degree
B Degree Information Technology
CISSP (Certified Information Security Specialist Professional)
5-10 years’ experience in Cryptography related infrastructure
5 years’ experience in supporting Hardware Security Infrastructure
5 years’ experience in Security technology and processes

Knowledge & Skills: (Maximum of 6):

Excellent understanding of security strategies and technologies including secure network design, server hardening, secure web services, compliance auditing, secure software development lifecycles, security monitoring, and encryption.
Demonstrable strong knowledge of one or more Cryptography platforms or networking.
Deep understanding of the security mechanisms associated with one or more of windows or Unix operating systems, IP networks, web based applications and databases is essential.
Previous experience of working in an information security architecture, engineering or project delivery function
Knowledgeable about existing best practices for integration of security controls
Able to make technology recommendations supported by documented results of vendor product assessments and technical evaluations.
Stays informed on security vendors, specific product histories, trends and directions. Is considered a subject matter expert on a broad range of information security concepts, technologies and products.
Able to work independently with limited management oversight, but with sufficient experience to know when to escalate issues or concerns
Knowledge of Visa & MasterCard standards for the purposes of successful audits.
Work with the business and project team(s) to ensure residual risks are adequately mitigated to the degree that meets the risk appetite of the business.

International:

Clearly demonstrate a solid track record of working in a complex international environment.
Works effectively with people across a wide range of disciplines, cultures and levels (both internal and outside resources)

Language Skills:
Strong Written and Verbal: English

Competencies: (Maximum of 8 competencies):
? Deciding and initiating action
? Learning and researching
? Entrepreneurial and commercial thinking
? Relating and networking
? Adapting and responding to change
? Persuading and influencing
? Creating and innovating



 
HOME|
INFO|