• Posted: September 10, 2019
    Deadline: Not specified
    • @gmail.com
    • @yahoo.com
    • @outlook.com
  • Imagine a world where people live healthier, more enhanced and protected lives… A world in which each organisation is a powerful influencer and responsible corporate citizen, committed to being a force for social good. As a leading innovator in healthcare, wellness, insurance, investments, financial and life planning, Discovery works ceaselessly to mak...
    Read more about this company

    IT Security Specialist

    The mission of the IT Security Specialist is to monitor the threat landscape and to select/implement security countermeasures to secure information assets within the Banking environment. The IT Security Specialist will install, configure, and manage IT security technologies and processes to provide preventive, detective, and response capabilities to the organisation. The technologies and processes include (but are not limited to) Firewalls, Intrusion Sensors, Denial of Service mitigation, Network activity monitors, Security Information and Event Management systems, Advanced threat detection solutions, Threat analysis, and Incident response processes. A key requirement for this function is the continuous optimisation of configurations for new and existing security technologies, particularly in instances where such technologies are managed by Group Technology Infrastructure services.

    Areas of Responsibility

    The IT Security Specialist Must

    Process Operational Support

    • Monitor reputable information sources (e.g. threat reports, security blogs) to keep abreast of the threat landscape and risks relevant to the bank.
    • Monitor security technology roadmaps and recommend feature enhancements or new solutions to address business risks/requirements.
    • Analyse and design appropriate security solutions to enable business requirements. For instance, recommend solutions to enable secure 3rd Party connectivity to the bank network.
    • Troubleshoot security technology failures/problems as required
    • Provide technical expertise and oversight of security technology deployment and configuration. For instance, participating in network segmentation planning, firewall policy reviews, or intrusion sensor policy fine-tuning.
    • Perform monitoring and analysis of network activity to identify suspicious or undesirable behaviour, using intrusion sensor technology or packet inspection technology.
    • Identify and enable application, system, and security logs across the enterprise to support incident investigations.
    • Identify and integrate critical logs (application, security, system) into the Security Information and Event Management (SIEM) solution.
    • Create correlations and other logic to identify attackers and defend the bank against advanced attacks.
    • Work closely with the Cyber Threat Intelligence team to hunt for threat actor groups, their techniques, tools and processes.
    • Provide expert analytic investigative support of large scale and complex security incidents.
    • Perform Root Cause Analysis of security incidents for further enhancement of SIEM rules.
    • Undertake incident analysis, tracking, recording, and response, with the ability to operate as an incident manager when required.
    • Analyse network activity logs to identify anomalies and respond accordingly. Activate the Computer Emergency Response Team for all high or critical anomalies that are identified.
    • Research attack/fraud tactics, techniques, and procedures and design detection patterns (correlation rules) within the SIEM. Knowledge of correlation between Business and technology rules is required to provide detection of common and advanced information security threats.
    • Provide management information on a monthly basis to illustrate the bank’s security posture.
    • Interface with IT stakeholders (e.g. Technology Infrastructure) and ensure that the hosting environment meets service requirements.
    • Participate in major Technology Infrastructure (TI) initiatives, such as network isolation.
    • Develop Standard Operating Procedures for the support environment.
    • Form part of a 24/7 operational support structure for network services and Business systems.
    • Adhere to Discovery Purple policies to ensure a secure operating environment.

    Programme and Project Support

    • Provide support to the Programme Office in the build and implementation of new IT services and major changes to existing services.
    • Ensure that appropriate security countermeasures are implemented as recommended to ensure projects are delivered as per schedule.

    Compliance, Governance, Risk and Control Processes

    • Liaise with Change and Release Management in the planning of changes and releases of services in scope.
    • Participate in Business Continuity plans for services in scope.
    • Participate in Disaster Recovery Planning activities to ensure access to Business services in the event of a major outage, and partake in regular DR tests.

    Method of Application

    Interested and qualified? Go to Discovery Limited on career2.successfactors.eu to apply
  • MYJOBMAG.CO.ZA
  • Send your application

Back To Home

Career Advice

  • How to Get Your Dream Job in South Africa

    Are you worried about getting your first job? Don’t know which type of job you even want? You needn’t worry. In this session, I am going to be answ...

    Read More - Aug 22, 2019

  • Salary Negotiation Guide

    Do you know that only 39% of employees negotiates their salary when considering a job offer? Choosing not to negotiate your salary can hurt you in the long r...

    Read More - Jun 17, 2019

View All Career Advice

Subscribe to Job Alert

 

Join over 7K happy subscribers

 
X

Did you notice an error or suspect this job is scam? Tell us.

Send this job to a friend

 
 
Send your application through

Yahoomail Gmail Hotmail