JOB SEEKERS
EMPLOYERS
JOBS QUICK-SEARCH
.net
.net developer
a+
abap
account manager
accountant
admin
administrator
analyst
architect
bookkeeper
business analyst
business intelligence
c#
call centre
ccna
cisco
cloud
cobol
consultant
delphi
desktop
desktop support
developer
engineer
finance
graduate
graduates
helpdesk
internship
it manager
it support
it technician
java
java developer
junior developer
legal
linux
manager
marketing
mcse
network
network administrator
oracle
personal assistant
php
php developer
programmer
project
project administrator
project manager
receptionist
sales
sap
secretary
security
sql
support
technical support
technician
test analyst
tester
web developer
NEWSLETTER
FOLLOW US
IT Security Officer (0712)
Job Ref
278077
Job Type
Permanent
Employer Type
Recruitment Agency
Date Added
23 Feb 2018
Expiry Date 9 Apr 2018
Expiry Date 9 Apr 2018
* There have been 7 applications to this job.
* This job has been viewed 631 times.
Employer:
TriTec Talent
Location:
South Africa
Salary:
Negotiable
Benefits:
Role details:
- - - - - - - - - - - - - -
RoleDescriptionIT Security Officer Permanent position, Cape Town, Southern Suburbs Strictly EE The InformationSecurity Officer (ISO) is responsible for the governance of all aspects of the physical and logicalsecurity of a banks information assets and ensure confidentiality, integrity, security andavailability of the information technology environment Develops and manages an information securityprogramme: • Designs and leads an enterprise wide information security programme to identify, assess andmitigate risks. • Writes, implements and maintains security policies and procedures. • Establishes an effective reporting and escalation process. • Appraises and guides the executive team on all aspects of information security, includingtrends, threats and vulnerabilities.Leads Solution Development and Maintenance: • Leads / oversees and works with Service Providers on system upgrade strategies, leads thearchitecture, design, implementation, and maintenance of complex solutions. • Identifies, screen and evaluate new solution opportunities to address businessrequirements. • Works with leadership and service providers to ensure timely introduction and withdrawal ofproject and products in line with company business plan and strategy. Implements the InformationSecurity Strategy: • Develops and implements the information security strategy and governance framework which isconsistent with Group information security objectives and industry best practices. • Proactively works with IT management to implement and integrate information securityprocedures, standards and controls into the day to day operations. Manages Information SecurityTechnologies: • Manages Information Security technologies including identity and access management,penetration testing, identity theft, denial of service (DoS) attacks, hacking techniques, accesslist management, user authentication, data encryption, vulnerability scanning, intrusion detection,email scanning, web content filtering, virus management and security testing. • Keeps abreast of developments in the areas of legal, regulatory, corporate requirements,technological developments and best practices in the information security field. Risk Management: • Work closely with auditors, and drive the necessary remediation of information securityfindings • Assist in identifying and mitigating information security related risks • Conduct risk assessments on third parties to ensure compliance of information securitystandardsApplication Security – Automation: • Define the information security requirements for SDLC • Facilitate information security code reviews • Drive security automation into the DevOps processes Operational Security: • Drive the vulnerability and patch management programme • Coordinate technical information security assessments and penetration tests, as well as,drive remediation • Manage the information security products and support vendors Security Architecture: • Review, provide input, and approve solution designs from an information securityperspective • Define and drive security architecture
Skills and Experience
Requirements: Education (formal qualification required): Minimum: • National certificate / Grade 12 • BCom Computer Science, Informatics or Auditing or an Engineering degree • CISSP Ideal but not essential: • B degree plus certificates in OSCP, CISM, CISA • Postgraduate Diploma / Advanced Diploma / Degree in IT will be advantageous. Experience Required: 5-8 years’ experience in Information Technology 5 years’experience in enterprise information security architecture related roles and experience in technicalanalysis, vulnerability scanning and information security assessments 5+ years’ experienceKnowledge of BS27000,COBIT,SDLC methodologies and ITIL 3-5 years’ experience in leading andmanaging information security discipline 3-5 years 5 years’ experience in establishment andmaintenance of information security architecture 5 year experience Technical implementation of therequired information security controls Email: Leigh.Duffield@eoh.co.za