Information Security Analyst III at Nedbank

Job Purpose

• To provide expert advice on complex aspects of information security within their fields of expertise.
• To identify and resolve complex technical issues related to security technologies.
• To collaboratively perform in-depth analysis with stakeholders on complex information security issues and provide optimum solutions which meet both business and technical requirements while aligning with the information security strategy.
• To analyse and enhance information security related processes with the aim to optimise work within the sphere of Information Security in its entirety. Working independently to deliver on work tasks. Pro-actively mentor staff.
• To ensure stability and up-time for areas the incumbent takes responsibility for; which also requires being available on demand to help solve issues outside of normal working hours

Job Responsibilities

• Build relationships with stakeholders to facilitate the flow of knowledge, input and discussion on new products and solutions as required. Leverage on expertise and internal networks to manage and resolve incidents, strengthening relationships.
• Capture timesheets and claims timeously and accurately.
• Propose solutions that are cost effective while meeting information security (IS) requirements within budget.
• Provide input into the negotiation process with vendors for new and existing technologies and services.
• Contribute to a culture of transformation by participating in Nedbank culture building initiatives, business strategy, and CSI.
• Stay abreast of developments in field of expertise, ensuring personal and professional growth.
• Understand and embrace the Nedbank vision and values, leading by example.
• Seek opportunities to improve business processes, models and systems.
• Participate in Research and Development related to specific Information Security Technology.
• Participate in proof of technology and proof of concept.
• Contribute to the content of the curricula.
• Oversee the implementation of the changes and check for the shortcomings and risks.
• Expert in-depth interpretation of MIS and system logs/reports to correct any deviations against best practices.
• Identify and set selection criteria for new products.
• Participate in the implementation and hand over of new products as provided in the selection criteria.
• Keep abreast of information security policies, rules, standards and processes, procedures and practices, as well as business rules, introducing new industry concepts to information security.
• Create and review all relevant processes and procedures mindful of current policies and standards.
• Create, maintain and review information security standards.
• Oversee and monitor environment per set standards.
• Review and contribute to project documentation.
• Mitigate risks. Implement specific Information security technologies. Gain further exposure and experience on multiple technologies.
• Log, submit and implement low, medium and high risk security changes independently.
• Provide guidance and supervision to Administrators and other analysts on implementation and changes.
• Oversee and ensure change was success.
• Support the achievement of the business strategy, objectives and values.
• Enable skilling and required corrective action to take place by sharing knowledge and industry trends with team.
• Obtain buy-in for developing new and/or enhanced processes that will improve the functioning of stakeholders' businesses.
• Provide technical mentoring related to specific security product. Participate in defining career stream and role requirements. Attend tech security industry forums and present technical papers.
• Provide technical mentoring both to Individual and specialist development projects.

Key Responsibilities

• Implementation and support of Cisco Security devices.
• Support of Cisco Network Security devices.
• Support of Data Centre devices.
• Liaise with other teams to promote good security practices and explain security procedures.
• Work with external suppliers to source hardware and software solutions to network security issues.
• Deploy, test and maintain security systems such as VPNs, firewalls and email security.
• Ensure that hardware and software are well maintained and able to deal with security requirements.
• Ensure that current network system security is suitable for future requirements.

Essential Qualifications - NQF Level

• Advanced Diplomas/National 1st Degrees

Essential Certifications

• CISSP , CISM or relevant qualifications (this is essential certification )

Preferred Technical Knowledge

• Strong knowledge of Cisco Data Centre technologies.
• Strong knowledge of Cisco Networking technologies.
• Strong knowledge of Cisco Security technologies

Exposure/Experience

• Exposure with large scale networking and security projects.
• Experienced in working with large cross functional teams.
• Experienced in working in high pressure demanding environments.

Minimum Experience Level

• 10- 15 years experience in an IT environment of which at least 2 years in a senior role from feeding career streams and at least 3-5 years specialising in an Information Security technology
• 7+ years’ experience Cisco in Networks and in Cisco Security Systems.

Technical / Professional Knowledge

• Administrative procedures and systems
• Banking knowledge
• Data analysis
• Governance, Risk and Controls
• Microsoft Office
• Principles of project management
• Relevant regulatory knowledge
• Relevant software and systems knowledge
• Business writing skills
• Information Security Threats and Attact vectors
• Cluster Specific Operational Knowledge
• System Development Life cycle(SDLC)
• TCP/IP
• Information Security terms and definitions
• Basic computer concepts
• Relevant Operating System
• Information Security policies and procedures
• Vendor Management Principles

Behavioural Competencies

• Coaching
• Collaborating
• Decision Making
• Influencing
• Innovation
• Technical/Professional Knowledge and Skills