Business Information Security Specialist at Digital Gaming Corporation (DGC)

Duties include, but not limited to:

• Architects, designs, implements, maintains, and operates information system security controls and countermeasures.

• Analyses and recommends security controls and procedures in acquisition, development, and change management lifecycle of information systems, and monitors for compliance.

• Analyses and recommends security controls and procedures in business processes related to use of information systems and assets and monitors for compliance.

• Plan and coordinate in state ad-hoc and annual audits.

• Work with various internal and external stake holders to drive audit findings to closure.

• Design processes and implement systems to monitor systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities, and trends.

• Responds to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches; interacts and coordinates with third-party incident responders, including law enforcement.

• Design, deploy and administer authentication and access controls, including provisioning, changes, and deprovisioning of user and system accounts, security/access roles, and access permissions to information assets.

• Analyse trends, news and changes in threat and compliance environment with respect to organizational risk; advises organization management and develops and executes plans for compliance and mitigation of risk; performs risk and compliance self-assessments and engages and coordinates third-party risk and compliance assessments.

• Analyses and develops information security governance, including organizational policies, procedures, standards, baselines, and guidelines with respect to information security and use and operation of information systems.

• Develops and administers, or provides advice, evaluation, and oversight for, information security training and awareness programs.

• Work with various business stakeholders to solve various security challenges as they become known and visibility.

• Irrespective the nature of the engagement or problem at hand always be service oriented.

This job description is not intended to be an exhaustive list of responsibilities. The job holder may be required to complete any other reasonable duties in order to achieve business objectives.

Essential Criteria:

• Experience in consultative roles with mid to c level engagement experience.

• Proven track record in security service delivery.

• Ability to align to and deliver on business priorities while maintaining a affective security control posture.

• Significant/Relevant IT industry experience

• Proven security domain knowledge and/or subject matter expertise is advantageous

• Ability to manage multiple deadlines and perform under pressure

Desirable Criteria:

• Degree level qualification / CISSP / CISM or equivalent is desirable

• Working experience with Checkpoint / Splunk / Microsoft Azure Security Certifications would be highly beneficial.

• Experience on any of the following vendors and or technologies would be highly beneficial, F5, Checkpoint, Cisco, Endpoint Security Solutions, Splunk, Entrust, Observe IT, Microsoft Azure, Microsoft Systems, Red hat Linux, Microsoft SQL, Ansible etc.

• Proven security domain knowledge and/or subject matter expertise is advantageous

Personal Specifications:

• Accountability and Execution

• Resilient

• Self-Starter

• Problem Solving

• Good logical and structural thinking.

• Collaborative Relationships

• Influences effectively

• Time management

• Adaptability / Flexibility

• Attention to detail

• Good sense for quality, teamwork, and innovation.

• Able to work independently or with limited assistance.