Intermediate Information Security Analyst at PPS

Job Advert Summary    

The Intermediate Information Security Analyst will be responsible for managing the organisation’s security posture to ensure the protection of systems, networks and sensitive data against security threats, computer viruses and other related cyber-security attacks.

Minimum Requirements    

Education:

• BSc / B.Tech or N.Dip(Computer Science or Information Systems)
• Security Certification Advantageous
• Beneficial MCSE (Security) or similar IT Operations certification

Experience:

• 3 to 5 years working experience in information security.
• 5-7 years in IT operations (inclusive of above)
• Technical understanding/skill set in Linux, Java, Windows.
• Technical Understanding of cloud platforms (Azure and GCP)
• Demonstrate and understanding of Networking/Firewalling Knowledge and TCP/IP
• Good computer skills in Microsoft Word, Powerpoint and Excel is essential.

Knowledge and Skills (maximum of 10):

• Knowledge of IT Security and Risk Management frameworks, policies, standards and technologies – ISO27001/2
• Malware Management Knowledge.
• Vulnerability and Patch Management
• OS/Application VM Knowledge
• Web monitoring solutions
• Data leakage on end points
• Virtual server protection
• Database monitoring
• Desktop Firewall and IPS solutions
• EDR Solutions

Competencies (maximum of 8):

• Analytical and Technical skills
• Ability to work in a team and independently
• Planning and organising
• Effective Communication
• Quality Orientation
• Collaboration skills
• Result Orientation
• Self-Starter
• Flexibility

Duties and Responsibilities    

Security Monitoring

• Monitoring of all security tools (e.g. Crowdstrike, CyberArk, Darktrace, ZScaler, O365 Security and Compliance, Azure Security, GCP security)
• Keep abreast of changes in the standards, technologies or methodologies and threats
• Stay current with IT security knowledge and skills to maintain professional expertise and relevant.

Security Incident and Alert Response

• Log and monitor calls based on security incidents and alerts from security tools as well as monitor calls logged by external SOC provider.
• Understanding of the Incident Management Processes in order to restore a normal service operation as quickly as possible and to minimize the impact on business operations, thus ensuring that the best possible levels of service quality and availability are maintained.
• Document issues and risks and escalate to Information and system owners.
• System and network exploitation, attack pathologies and intrusion techniques (such as denial of service, sync attacks, malicious code, password cracking, etc.).
• Good understanding of Infrastructure Security controls and how to monitor and measure effectiveness

Support Security, Risk and Governance Team

• Conduct Technical and Administrative activities as required from a project and day to day perspective.
• Liaise with Information Security Manager and other stakeholders on findings and rectification actions
• Participate in IT security projects aimed at improving IT security in the PPS environment.

Security Reporting

• Provide raw data and extracted reports from Security Tools for Monthly and Quarterly reporting as well as input to Risk registers, security assessments and audits.