Specialist Data Security Jobs

  • Full Time
  • Midrand, South Africa

Worker24

My client in the telecommunications industry based in Midrand is urgently looking for a Specialist Data Security to consult and support technology security operations across group. This role requires the individual to have credible experience in Information Security and Cyber Security Governance, Risk and Assurance based on proven frameworks such as COBIT 5, ISO27001/2 and the NIST Cybersecurity.

As a key member of the group technology security team, the candidate should be comfortable with supporting and driving information security technology support, governance and assurance while communicating clearly with technical as well as non-technical audiences.

In order to be considered the following is required:

Diploma or Bachelor’s Degree in Computer Science, Information Systems, Systems Analysis, or other related field
Minimum of 2+ years of experience in Tech Security role where you meet business deliverables
Knowledge of common information technology management / compliance frameworks such as ISO / IEC 27001, SOC 2, SOX, ITIL, COBIT and NIST
Knowledge of legal, regulatory and privacy requirements, such as Personally Identifiable Information (PII) Protection and Payment Card Industry (PCI) / Data Security Standard
Experience supporting DLP, WAF and other solutions
A diverse security background with knowledge in several areas including: layered security architecture; internet protocols; firewalls; VPN technologies, IDS / IPS, network access control and network segmentation, anti-malware and spam technologies; risk and vulnerability assessments, and compliance
Security concepts related to DNS, routing, authentication, VPN, proxy services and DDOS mitigation technologies
Windows, UNIX and Linux operating systems
Practices and methods of enterprise architecture and security architecture
Network security architecture development and definition
Web Security & Encryption
Ability to build and manage highly motivated and innovated technical team
Ability to work under time and resource pressure
An ability and desire to communicate and work with a broad set of stakeholders
A customer-focused, responsive, and transparent attitude
An industry certification. The CISSP is strongly preferred
Responsibilities:

Provide supervisory technology security operations and support to high profile projects
Ensure security is embedded in IT System and Network Infrastructure (Mobile, IS and Enterprise) across the group
Defining, implementing and efficiently maintaining technology security controls and requirements
Ensure timely delivery of technology security assurance and support for projects
Ensure compliance with legal and regulatory requirements
Provide SME input to technology security policy requirements and procedures
Support technology security awareness programs and educational efforts
Provide accurate and timely reporting of technology security risks identified during project engagement and propose remediation and mitigation options
Fulfil key customers’ obligations and stakeholders’ expectation
Participate in creation and execution of technology security strategy
Ensure financial efficiency in tech security solutions
The role requires the individual to monitor information security governance, risk, and compliance by IT, Mobile and Enterprise Business domains
Ensure alignment of information security governance with the business objectives, the information security strategy, plans and controls
Ensure compliance with the applicable legislative and regulatory interpretation and corporate risk appetite
Lead, develop, manage and maintain the wide information security governance deliverables lifecycle including compliance measurement, deviations and exemptions
Engage with the stakeholders on compliance to control effectiveness and deficiencies in the design and operating effectiveness of information security controls, design and recommend opportunities for continuous improvement
Interpret and manage the controls and capabilities required for the business to establish and comply with an information security management system in alignment with information security international best practice and/or industry standard(s)
Develop, manage and implement the information security audit and assurance plans and schedules, including any specific business needs and requirements (including PCI, ISO27001, GDPR, POPIA, Cyber Crime Bill)
Manage and conduct formal information security risk analyses, reviews, tests, audits and/or self-assessments;
Design appropriate remedial actions for identified risks, drive remediation of findings and management of risks and exemptions
Participate in IT general controls and compliance testing activities and/or audits
Lead, develop and maintain a comprehensive and effective information security risk, threat and vulnerability management capability that effectively anticipates the latest threat and vulnerabilities as well as assesses and reduces information security risk to within the corporate risk appetite
Report information security risks in an appropriate way for different audiences
Lead, drive and manage information security investigations and incident management
Develop, manage and maintain an information security incident management capability
Manage, plan, implement and monitor information security awareness and training program
Develop, measure and manage measurements to assess the effectiveness of this program and drive continuous improvement
Develop and implement online security awareness and training interventions based on business need, facilitate and/or provide information security awareness and training
Collaborate with various key stakeholders and provide information security advice to stakeholders



Leave us your email address and we'll send you all of the new jobs and details