Information Security Specialist - Centurion at MECS (Pty) Ltd

The main purpose of this role, not limited to:

1) Is to develop a framework and standards of operations, designing, and enforcing policies & procedures tprotect  computing infrastructure from all forms of security breaches, as well as the identification of vulnerabilities and resolving them tensure networks and data remain secure.

• Perform security audits and clean-ups tensure accurate and up tdate access.
• Understand IT applications and infrastructure in alignment with policies and procedures.
• Document the information security principles and guidelines for application software as well as standards that should be adhered tfor each product.
• Development of information security requirement specifications prior tthe procurement or implementation of new systems and technology tensure alignment between the business goals and the supporting system functionality.
• Maintain the Information Security Architectural repository tensure consistency between applications and systems.
• Ensure currency of systems and technology by maintaining an environmental awareness.
• Provide guidelines for the development of life-cycle management strategies for systems and technology in conjunction with major stakeholders tensure business continuity.
• Managing information security risks and issues and escalating where necessary.

2. Research

• Researching and developing leading practices for the Information Security function.
• Benchmarking and analysis of trends toptimise internal processes.
• Engaging with business units tproactively (and reactively) provide solutions, advising  management and other stakeholders in their relevant area of expertise.
• Benchmark  Information Security Architecture with Local and International best practice and applications at other organisations.

3. Project Management

• Identify strategic projects that need tbe undertaken in the Information Security function.
• Preparing project definitions and detailed plans with the PMO.
• Driving and supporting the implementation of the specialised areas initiatives and strategic projects that address the needs and expectations of  stakeholders.
• Documenting functional requirements and specifications for new information security solutions.

4. Reporting

• Monitoring and reporting on progress against functional initiatives.
• Monitoring and reporting on compliance with information security policies, procedures, and controls.
• Promoting sound institutional governance, participating in required governance structures, and serving as a member on the required forums.
• Compiling reports on the functional performance at the required intervals reflecting all relevant statistics, e.g., monthly/quarterly cybersecurity report.

MINIMUM REQUIREMENTS

• B Degree or B-Tech in IT
• 8 years’ experience in Implementation and managing information security solutions in the following environments:
• MS Windows (Sentinel, Purview, Intune, Entra, Defender, Priva, etc.)
• Oracle EBS
• Oracle Fusion Cloud
• Developing information security policies and procedures
• Cybersecurity event detection and investigation
• Centre for Internet Security (CIS) controls, standards, frameworks, benchmarks, etc
• Penetration tests, including ethical hacking (advantageous)
• Vulnerability assessment.
• Managing the Security Operations Centre (SOC) – added advantage
• Certified Information Systems Security Professional (CISSP)
• CISM – Certified Information Security Manager
• CISA – Certified Information Systems Auditor preferable
• CDPSE – Certified Data Privacy Solutions Engineer preferable
• CompTIA Security+ preferable
• Certified Ethical Hacker (CEH) preferable