Information Security Analyst at TFG (The Foschini Group)

About the job
We’re looking to add great new talent to our Information Security portfolio! If you have sound experience in GRC (Governance, Risk Management and Compliance) for large scale organisatios, then you should consider applying for this role. With a robust strategy focusing on People, Process and Technology, we believe that our culture and the quality of our people are our greatest strengths. As such, we need to employ top talent to support our key business functions.

Key performance areas:

• Define IAM application solutions by engaging with system and business owners; evaluate IAM procedures and processes associated with applications across TFG landscape
• Develop IAM integration solutions by preparing and evaluating workflow solutions for TFG applications identified for IAM integration
• Control IAM integrations with TFG applications by establishing specifications and requirements; coordinating production with vendor programmers where necessary
• Manage the full IAM QA pipeline
• Understand and manage the full life-cycle of IAM
• Validate IAM results by testing implementations
• Ensure overall effectiveness and on-going IAM operation by training TFG personnel; provide on-going support to IAM components and liaising with vendor where required
• Provide reference to IAM application solutions by writing documentation applicable to applications brought under IAM management, or IAM components used as part of the solution
• Document IAM implementations with TFG applications if and when required
• Develop custom solutions where necessary based on IAM integration requirements (JavaScript, Python, Perl)
• Use out of the box integration tools within the IAM product to provide integration solutions
• Manage the Data Leakage Protection (DLP) solution including policy design, testing and deployment
• Manage the health of the DLP environment
• Manage the monthly DLP management reporting cycle
• Assist in reporting and remediating incidents associated to DLP incidents

You will have:

• Relevant tertiary qualification
• Information Security certification (s) such as Security+, CyberSecurity Analyst, CASP, SSCP, CISSP,CISM, CRISC, and ISO27000 set of standards
• Minimum of 5 years’ relevant experience
• Experience with Identity and Access Management (IAM) systems required
• Experience across the IAM life-cycle like on-boarding, off-boarding, modification and recertification
• Experience with Privileged Access Management (PAM) required
• Experience in Insider Threat programs
• Experience in Data Leakage protection applications
• Advanced knowledge of software Development Life Cycle protocols
• Understanding and leveraging of mainstream Risk Management frameworks
• Experience in vendor management
• Experience in programming languages such as Java, JavaScript, Perl, Python etc.
• Knowledge and experience of LDAP solutions like Active Directory
• Strong communication skills, both written and verbal
• Strong analytical skills
• Good interpersonal skills
• Coping within a high-pressured environment
• Ideally you should be skilled in:
• Identify and Access Management applications like SavyInt, Cyberark, CA IDM Suite, IBM TIM/TAM
• DLP solutions like McAfee, Symantec, Forcepoint
• Data science using development solutions like Python, Jupyter Notebooks, Spark ML, Hadoop
• Experience with SIEM solutions
• Cloud exposure like Azure, AWS, Google
• Project Management capabilities