IT Security Officer

Remuneration: Basic salary
Location: Cape Town, Southern Suburbs
Type: Permanent
Company: EOH Recruitment Solutions


The Information Security Officer (ISO) is responsible for the governance of all aspects of the physical and logical security of a bank's information assets, and ensures the confidentiality, integrity, security and availability of the information technology environment.

Develops and manages an information security programme:
  • Designs and leads an enterprise-wide information security programme to identify, assess and mitigate risks.
  • Writes, implements and maintains security policies and procedures.
  • Establishes an effective reporting and escalation process.
  • Appraises and guides the executive team on all aspects of information security, including trends, threats and vulnerabilities.
Leads Solution Development and Maintenance:
  • Leads or oversees system upgrade strategies, working with service providers; leads the architecture, design, implementation and maintenance of complex solutions.
  • Identifies, screens and evaluates new solution opportunities to address business requirements.
  • Works with leadership and service providers to ensure timely introduction and withdrawal of projects and products in line with the company business plan and strategy.
Implements the Information Security Strategy:
  • Develops and implements the information security strategy and governance framework which is consistent with Group information security objectives and industry best practices.
  • Proactively works with IT management to implement and integrate information security procedures, standards and controls into day-to-day operations.
Manages Information Security Technologies:
  • Manages Information Security technologies including identity and access management, penetration testing, identity theft, denial of service (DoS) attacks, hacking techniques, access list management, user authentication, data encryption, vulnerability scanning, intrusion detection, email scanning, web content filtering, virus management and security testing.
  • Keeps abreast of developments in the areas of legal, regulatory, corporate requirements, technological developments and best practices in the information security field.
Risk Management:
  • Work closely with auditors and drive the necessary remediation of information security findings
  • Assist in identifying and mitigating information security related risks
  • Conduct risk assessments on third parties to ensure compliance with information security standards
Application Security - Automation:
  • Define the information security requirements for SDLC
  • Facilitate information security code reviews
  • Drive security automation into the DevOps processes
Operational Security:
  • Drive the vulnerability and patch management programme
  • Coordinate technical information security assessments and penetration tests, as well as drive remediation
  • Manage the information security products and support vendors
Security Architecture:
  • Review, provide input, and approve solution designs from an information security perspective
  • Define and drive security architecture
Requirements:

Education (formal qualification required):

Minimum:
  • National certificate / Grade 12
  • BCom Computer Science, Informatics or Auditing or an Engineering degree
  • CISSP
Ideal but not essential:
  • B degree plus certificates in OSCP, CISM, CISA
  • Postgraduate Diploma / Advanced Diploma / Degree in IT will be advantageous.
Experience Required:
  • Five to eight years' experience in Information Technology
  • Five years' experience in enterprise information security architecture related roles and experience in technical analysis, vulnerability scanning and information security assessments
  • Five+ years' experience and knowledge of BS27000, COBIT, SDLC methodologies and ITIL
  • Three to five years' experience in leading and managing an information security discipline
  • Five years' experience in establishment and maintenance of information security architecture
  • Five years' experience in technical implementation of the required information security controls
Posted on 07 Dec 14:22
