IT Security Operations Team Lead at AVI Limited

Closing Date:2020/02/23
Reference Number:AVI200123-1

Duties and Responsibilities    

• An exciting opportunity exists for an IT SECURITY OPERATIONS TEAM LEAD at AVI LIMITED AVI LIMITED IT Shared Services in Bryanston, Johannesburg or Waterfront, Cape Town. The purpose of the role is The IT Security Operations Team Lead is responsible for the daily support, coordination and leadership of the IT Security Operations Team as it pertains to delivery of daily service delivery related tasks, resolution of incidents and project activities.

Management of performance of staff and setting direction and priorities of staff activities

• Planning, Reviewing and Management of staff performance (IPA’s)
• Prioritise, schedule and manage staff activities related to projects and daily operations
• Management of day-to-day IT security operations

Management and oversight of the installation, configuration, maintenance, and optimization of all group IT security for infrastructure components

• Own and drive the resolution of IT security-related Incidents and problems
• Identify and manage the implementation of remediation and/or mitigation actions
• Manage the implementation of changes where required
• Conduct lessons learned (Root cause) exercise and document results

Closely monitor the security threat landscape and how this impacts the Group’s Infrastructure. Co-ordinate IT security-related activities

• Identify tools needed for management and monitoring
• Motivate tool purchase where required
• Manage and drive implementation
• Train relevant ITSS personnel on use of tools (e.g. Nessus)
• Ensure that tools are optimised to provide ongoing visibility/reporting of Networks and Voice systems
• Monitor environment for potential problems and capacity issues
• Co-ordinate activities for the resolution and/or mitigation of security incidents. This includes incidents identified by the SIEM tool.
• Perform penetration testing and assisting the IT Audit, Risk and Compliance team with the setup of vulnerability and configuration scans, in line with AVI’s Security baselines (e.g. Nessus)

Manage the scheduling and prioritisation of all project-related

• Draft 12 – 18-month plan for project and/or activities
• Manage activities related to projects and tasks e.g. procurement, etc.

Analyse the performance, capacity and trends

• Analyse performance of IT and Industrial security infrastructure
• Remediate and/or mitigate any performance and/or capacity issues

Provide continued guidance and training for ITSS personnel

• Cross-skilling and training of immediate team members as well as other ITSS team members on aspects of security.
• Facilitate the handover of identified support and maintenance tasks
• Competencies    
• Develop and apply technical expertise
• Be flexible and open to change
• Build and use key relationships
• Analyse and solve problems
• Initiate and achieve results
• Communicate clearly
• Deliver customer service

Experience Required    

• 5 years Management of a technical team
• 5 years of IT Security Strategy and Architecture
• 5 years network and security administration
• 3 years network and web security protocols, hardware and software
• 3 years Management and Administration of IT Security technologies
• 5 years in the administration of proxies, security appliances (including UTM) and System Security vulnerability identification and remediation
• 3 years active experience in detailed investigation of security incidents
• 3 years’ experience with Forensic and monitoring tools e.g. Wireshark, Nessus
• 3 years’ experience with Security and other legislation (POPI, etc.)
• 3 years Payment Card Industry (PCI) technical implementations
• 2 years’ experience with public key infrastructure (PKI) and cryptographic protocols e.g. SSL / TLS

Minimum Qualifications Required    

• Matric/Grade 12
• Tertiary Degree or Diploma in Information Technology and/or Electrical Engineering

Knowledge Required    

• Enterprise Server Operating systems
• Enterprise Virtualisation systems
• Enterprise Client Operating systems
• NMDP (New Managers’ Development Programme)
• Valid CCNP – Data Centre, Routing and Switching, etc.
• Valid CCNA – Security or similar
• IT Security certifications, professional affiliations (e.g. CISSP, CompTIA Security+)
• Valid MCSA2016
• Valid FortiNet NSE4
• Management and resolution of IT Security threats and breaches
• Identify, own and manage the group’s IT and Industrial Security Infrastructure and related tools
• Operation of security tools for administration and monitoring to identify vulnerabilities and provide solutions to remove vulnerabilities and remove risks
• Provide expert security input into group IT projects to ensure that security controls are built into the projects
• Draft IT Security policies, procedures, standards and guidelines
• Provide ongoing guidance, cross-skilling and training for ITSS personnel