TFG Infotec has a vacancy for an Information Security Analyst in the Information Security team. This role is responsible for safeguarding information system assets by identifying and solving potential and actual security problems, through having a thorough understanding of how IT is delivered to the business, and how the group systems interface with each other and are used by stakeholders.
Within this role you will be expected to perform day-to-day operational monitoring and remediation of IT security threats and vulnerabilities using various tools; advise and lead on the security aspects of IT projects by applying good practice and professional standards; implement security controls; and assess potential security risks within a system/application or project with regard to confidentiality, integrity and availability. Your work will be both within the information security team and collaborating with other teams delivering business critical projects, and you will be an ambassador for information security wherever you go.
Key performance areas:
•Perform continuous threat and vulnerability management
•Management and implementation of key information security projects
•Information gathering on internal and external security intelligence
•Respond and action information security incidents
•Select, apply and ensure adherence to good information security practice
•Ensure internal and external suppliers and partners implement security to the required standard and maintain positive relationships with vendors
•Specify, understand and monitor the effectiveness and efficiency of IT Security controls
•Drive action to help achieve continuous improvement
Ideally you will have:
·
Preference will be given, but not limited to, candidates from designated groups in terms of the Employment Equity Act.
If you keen to apply, then please visit our careers page-www.tfglimited.co.za
Within this role you will be expected to perform day-to-day operational monitoring and remediation of IT security threats and vulnerabilities using various tools; advise and lead on the security aspects of IT projects by applying good practice and professional standards; implement security controls; and assess potential security risks within a system/application or project with regard to confidentiality, integrity and availability. Your work will be both within the information security team and collaborating with other teams delivering business critical projects, and you will be an ambassador for information security wherever you go.
Key performance areas:
•Perform continuous threat and vulnerability management
•Management and implementation of key information security projects
•Information gathering on internal and external security intelligence
•Respond and action information security incidents
•Select, apply and ensure adherence to good information security practice
•Ensure internal and external suppliers and partners implement security to the required standard and maintain positive relationships with vendors
•Specify, understand and monitor the effectiveness and efficiency of IT Security controls
•Drive action to help achieve continuous improvement
Ideally you will have:
·
- 3 - 5 years Information Security experience (ideally in Retail or Financial industries)
- CISSP, SCCP, Security + (essential to have one of these)
- SCCP (desirable)
- The ability to identify and resolve technical security threats and vulnerabilities and implementing associated controls across various technology stacks
- You will be at ease explaining and documenting what controls are needed and why, and identifying pragmatic alternatives to mitigate threats and risks where time and cost constraints so dictate.
- Hands-on skills and experience in implementing and configuring security systems, tools and programs.
- Experience of security monitoring tools, network security systems, system and application Vulnerability Scanning, and the full systems and application development life cycle
- Experiencing in delivering Identity and Access management solutions (desirable)
- Data Loss Prevention, IDS, IPS and SIEM (desirable)
- Management and support of Symantec Anti-virus (desirable)
- Encryption technologies such as full disk encryption on mobile devices (desirable)
- Experience in security engineering or security operations (desirable)
Preference will be given, but not limited to, candidates from designated groups in terms of the Employment Equity Act.
If you keen to apply, then please visit our careers page-www.tfglimited.co.za
Last edited: