Cyber Security Operations Consultant: Security Operations (Re-run) at Sanlam Group

Who are we?

Sanlam Group Technology and Information (GTI) is responsible for Group-wide Technology and Information Governance, Technology Architecture oversight and guidance as well as the Group’s Cyber Security oversight and governance.  GTI is also responsible for IT Shared services to businesses in the Group which is provided through three units namely Infrastructure-, Application- and Security shared services. The shared service business model is based on commercial principles and the foundation of the model is a constant drive for consolidation, standardisation, automation and optimisation.  As such, GTI has accountability for the design and implementation of agreed IT controls, governance frameworks, policies, standards and solutions to ensure business continuity and minimise information security risks.

What will you do?

The role of the Cyber Security Operations Consultant: Security Operations will form part of the Sanlam team which focusses on Cyber Security Operations services to businesses on the Shared Sanlam Network. The team is responsible for the management of the PKI, Anti-Virus, Vulnerability Management, Security Configuration Management, Firewall compliance, Web and Email content filtering environments.  The team also manages the Data Leakage Prevention, Network Access Management, and Privileged Account Management infrastructure and processes.
 

What will make you successful in this role?

• On a day-to-day basis, the Analyst will be involved with the configuration, monitoring, and management of:

  • Anti Virus Infrastructure

  • Data Leakage Prevention system, rules, and reports

  • The Privileged Account Management process

  • Network Access Control – process and exception handling

  • Vulnerability Scanning, reporting, proposing remediation actions and tracking compliance

  • Security hardening baseline compliance scanning, reporting, and remediation

• On an ad hoc basis the consultant will support businesses in:

  • Issuing, renewing and revoking PKI digital certificates.

  • Assessing internet and email use on request of Forensics or HR departments.

• The consultant will also be performing scheduled tasks like review Firewall rule configuration and report

• The consultant will be required to report on the status of the cybersecurity control environments on a weekly, monthly and quarterly basis.

• The consultant will continuously consider ways to improve the effectiveness and efficiency of monitoring and response controls.

• The consultant will contribute to the Knowledge and Skills of the team, by sharing lessons learned and knowledge gained through research, conferences, training courses or interaction with experts.

Qualification and Experience

• Completed a matric qualification

• Cybersecurity certification (Advantageous)

• At least 3 – 5 years in hands-on technical experience which includes:

  • Network experience (TCP/IP, Firewalls, IPS, NAC)

  • Operating System management and Hardening (Windows, Linux, CIS hardening baselines)

  • Anti-Virus System management and Configuration

  • Data Leakage Prevention tool configuration

  • Logical Access Management (AD, PAM)

  • Information Security Operations (Security+, CISSP will be beneficial)

  • Vulnerability Management (use of well-known vulnerability scanning tools and interpretation of CVSS scores)

  • Some experience working with Web and Email Content filtering systems

• A solid understanding of Public Key Infrastructure (PKI) will be beneficial.

Knowledge and Skills

• Security Auditing
• Business Requirements Definition
• Risk Management
• Security Compliance
• Business Processes

Personal Attributes

• Action orientated - Contributing independently
• Decision quality - Contributing independently
• Interpersonal savvy - Contributing independently
• Optimises work processes - Contributing independently

Build a successful career with us

We’re all about building strong, lasting relationships with our employees. We know that you have hopes for your future – your career, your personal development and of achieving great things. We pride ourselves in helping  our employees to realise their worth. Through its four business clusters – Sanlam Life and Savings, Sanlam Investment Group, Sanlam Emerging Markets, Santam, as well as MiWay and the Group Office – the group provides many opportunities for growth and development.

Core Competencies

• Being resilient - Contributing independently
• Collaborates - Contributing independently
• Cultivates innovation - Contributing independently
• Customer focus - Contributing independently
• Drives results - Contributing independently

Turnaround time

The shortlisting process will only start once the application due date has been reached. The time taken to complete this process will depend on how far you progress and the availability of managers. Applications will close by 27 March 2020. 

Our commitment to transformation

The Sanlam Group is committed to achieving transformation and embraces diversity.  This commitment is what drives us to achieve a diverse, inclusive and equitable workplace as we believe that these are key components to ensuring a thriving and sustainable business in South Africa.  The Group's Employment Equity plan and targets will be considered as part of the selection process.