Cyber Security Specailist(Operations) at Transnet

Position Purpose

• Providing security support through monitoring, analysis, detection and mitigation of threats against the Transnet Engineering environment.
• Evaluates the effectiveness and efficiency of existing security control measures
• Identifies the vulnerabilities that may cause inappropriate or accidental access, destruction, or disclosure of information and establishes security controls to eliminate or minimise exposure.
• Information security analysts plan and carry out security measures to protect the organization's computer networks, systems and Operating Technologies.
• The responsibility of the information security analyst is continually expanding as the number of cyberattacks increases.

Position Outputs

•  Monitor the organization's networks for security breaches and investigate a violation when one occurs. 
• Analyse the installation the use software and data encryption programs, to protect sensitive information. 
• Prepare reports that document security breaches and the extent of the damage caused by the breaches. 
• Conduct penetration testing, which is when analysts simulate attacks to look for vulnerabilities in their systems before they can be exploited. 
• Identify, assess, and mitigate security risks in applications and databases. 
• Research the latest information technology (IT) security trends. 
• Help to develop security standards and best practices for the organization. • Recommend security enhancements to management or senior ICT staff. 
• Create awareness with computer users when they need to install or learn about new security products and procedures. 
• Through a continuous improvement programme, review security in existing technologies and propose improved solutions.
• Work with the Information Security Specialists from Transnet Group ICT to propose changes to the architecture. 
• Establish relationships with business representatives and with key external information risk, security, and governance and compliance bodies and evangelise the information security cause to uplift the image of information security and Transnet Engineering. 
• Enterprise Information Management Services with both internal and external key stakeholders. 
• Conducts studies within and outside the organization to ensure compliance of the Transnet Information Security Framework with laws, regulations standards and currency with industry security norms.
• Provide a detailed security design and facilitate the implementation thereof for all projects within the group based on a risk assessment in accordance with the security template. 
• Development / updating of Information Security related policies and standards for existing or new complex technologies deployed within the enterprise. 
• Provide input into the development and maintenance of the strategies, policies and standards for Information Security, Business Continuance and IT Risk & Compliance. 
• Have continuous understanding of the Transnet information security landscape and perform investigations into solutions (people, process, technology) to mitigate real threats. 
• Work with the Group and OD Risk function to ensure Information Security Risks are adequately captured, controls identified, and ongoing mitigation actions are implemented

Qualifications and Experience

• Minimum of 3 Years National Diploma in Information Technology or Computer Science or Information System is required . Minimum of 5 years’ experience in ICT environment in Information Security or Cyber Security of which at least 1 year in a Supervisory or Specialist role. OR Minimum of 6 years’ experience in ICT environment in Information security or Cyber Security of which at least 2 years in a Supervisory or Specialist role .