Information Security and Infrastructure Specialist at DirectAxis

Job description

Overall purpose of the job

The Information Security and Infrastructure Specialist is responsible for the governance of all aspects of the physical and logical security of Direct Axis information assets and ensure confidentiality, integrity, security and availability of the information technology environment as well as manage the implementation, maintenance and support of the various technologies used within the Organization through the server and storage teams in accordance with best practices.

Description role responsibilities

• Business Process:
• Implements business processes according to benchmarks and the Shared Values.
• Reviews and reports on the performance of business processes.
• Analyses the internal service delivery processes and comes up with innovative ideas and/or participates in working groups to improve and streamline processes, increase revenue, drive efficiencies and minimise redundancy and waste.
• Monitors and controls the quality of business processes in terms of defined standards.
• Participates in project planning.
• Provides input into business case. Manages resources within the team.
• Obtains recommendations from architecture.
• Guides the team to align with the architectural model.
• Complies with the organisation’s architecture strategy.
• Designs and leads an enterprise wide information security programme to identify, assess and mitigate risks.
• Writes, implements and maintains security policies and procedures.
• Establishes an effective reporting and escalation process.
• Appraises and guides the executive team on all aspects of information security, including trends, threats and vulnerabilities.
• Assesses the impact of business process changes, architecture changes, technology changes and application changes on the information security controls.
• Develops and implements the information security strategy and governance framework which is consistent with Group information security objectives and industry best practices.
• Proactively works with IT management to implement and integrate information security procedures, standards and controls into the day to day operations.
• Manages Information Security technologies including identity and access management, penetration testing, identity theft, denial of service (DoS) attacks, hacking techniques, access list management, user authentication, data encryption, vulnerability scanning, intrusion detection, email scanning, web content filtering, virus management and security testing.
• Keeps abreast of developments in the areas of legal, regulatory, corporate requirements, technological developments and best practices in the information security field.

Education (formal qualification required)

Minimum:

• Degree, Diploma, or comparable experience
• ITIL v3 (ideal)
• CISSP (ideal)

Experience (minimum experience required)

• 5 years experience working in Financial Services
• 8 years experience in an ICT technical support or operations environment
• 5 years experience in managing an Infrastructure environment, VMware, SAN Storage, and networking
• 3 years experience in capacity management
• 1 -2 years basic project management experience
• 3years familiarity with the basic principles of information security and their application in a commercial environment.
• 3 years knowledge of vulnerability analysis, patching and remediation strategies
• 3 years understanding of network architecture, protocols and principles
• 3 years understanding of Firewall and Web Application Firewall technology
• 3 years understanding of Anti-Malware technology

Competencies (skills and behavioural attributes)

Skill:

• Interpersonal
• Communication
• Prioritising
• Good influencing and negotiating skills, with the ability to champion and drive change
• Analysis and Reporting
• Behavioural Attributes:
• Attention to detail
• Customer Focussed
• Strong time management
• Deadline driven

"In line with our employment equity plan, suitably qualified African Black candidates who meet the criteria for the role will be given preference"