Cyber Security Officer at Bidvest Bank

Primary Purpose

Implements selected cyber information technology security initiatives with the information technology lines of business to protect their applications and supporting infrastructure from both internal and external threats. Assists in the management of risks, ensures compliance with regulatory requirements regarding information technology security. Ensures the appropriate use of assets and educates employees about their information technology security responsibilities. Assesses and records risk findings and recommends appropriate mitigating controls and plays an enablement role to support IT with risk remediation efforts.

Minimum Requirements

Qualifications

•  Matric

Experience

•  Minimum 3 years Security Analyst with hands on experience in the following technologies:
•  EDR
•  Anti-virus
•  Endpoint Encryption
•  Firewall Management
•  Web Proxy design and management
•  Good network knowledge and DMZ understanding
•  Email Security

 SIEM

•  Vulnerability Scanning and Remediation
•  Cloud Security

Ideal

•  Various Security Qualification
•  5 years Security Analyst
•  Been working in financial services in the security team
•  Azure Security
•  Trend Micro Product knowledge

Knowledge, Skills and Abilities Required

•  Problem solving ability
•  Attention to detail
•  Speed of execution
•  Risk management skills
•  Proactive
•  Ability to work under stress / pressure Presentation Techniques

Duties and Responsibilities
CUSTOMER CENTRICITY

•  Provide technical Hands-on, assistance, guidance & training to team members.
•  Help computer users when they need to install or learn about new security products and procedures
•  Interprets business/ customer requirements to provide timeous solutions
•  Receiving ad-hoc requests from internal as well as external parties and then responding appropriately

OPERATIONAL EXCELLENCE

•  Monitor anti-virus alerts and respond to any alerts. 2nd Line support.
•  Monitor Bidvest Bank’s networks for security alerts and investigate a violation when one occurs.
•  Install and use software/hardware, such as firewalls and data encryption programs, to protect sensitive information
•  Manage SIEM
•  Remediate results from penetration testing reports
•  Research the latest information technology security trends
•  Ensures authorised access by investigating improper access; revoking access; reporting violations
•  Administration of End Point Security Solutions and researching, designing & developing additional protection technologies.
•  Document policies, procedures and diagrams of the endpoint security environment.
•  Maintain information security technology management based on the industry good practice frameworks consistent with the applicable laws and regulations.
•  Create new ways to solve existing production security issues.
•  Perform vulnerability testing, risk analyses and security assessments.
•  Deliver technical reports and formal papers on test findings
•  Respond to information security issues during each stage of a project’s lifecycle
•  Develop plans to safeguard computer files against accidental or unauthorised
•  modification, destruction, or disclosure and to meet emergency data processing needs.
•  Assist the team with below tasks
•  Deployment of patches, both Microsoft and 3rd party applications.
•  Ensure all endpoints have been fully patched within 30 days of patch release date.
•  Ensure Anti-virus is up-to-date with the latest version and pattern files.
•  Ensure patching agents working 100% on all endpoints.
•  Ensure Anti-virus agents works 100% on all endpoints.

Internal processes

•  Maintenance of security technologies and upgrades
•  Assist Security Analysts with complicated tasks
•  Providing ideas to optimise and tweak the security environment

LEARNING AND GROWTH

• Contribution to Teamwork in Department
•  Contribution to making the department a great place to work
•  Contribution to teamwork (level of teamwork, accountability, delivery, quality and speed of information shared)
•  Contribution to efficiency and effectiveness of area
•  Effort to forge and maintain quality inter-personal relationships
•  Take accountability for the achievement of operational objectives within own area of control
•  Support and drive the business’s core values

Personal and Intellectual Capital Development

•  Take ownership for driving own career development
•  Preparation and signing off of training/ skills development plan
•  Achievement of objectives/ milestones set out in the development plan
•  Development of knowledge base and intellectual property
•  User training on modified products i.e. when changes are made provides training to the appropriate trainers so that Branches are made aware