Platform Security Engineer (Linux & Cloud) at Nedbank

Job Purpose

• To analyse information security related tasks within the ambit of existing information security policies, standards and processes, procedures and practices as well as business rules. Working independently to deliver on work tasks.
• Mentor Administrators and Analyst I. Collaborate with other specialists to execute analysis work tasks, perform operational tasks, question, recommend and update improvements to the existing policies, process and procedures.
• To ensure stability and up-time for areas the incumbent takes responsibility for, which could require availability on demand to perform job related duties outside of normal working hours.

Job Responsibilities

• Capture timesheets and claims timeously and accurately
• Propose solutions that must be cost effective whilst meeting information security requirements within budget.
• Participate in negotiations on fair pricing from vendors for new technologies procured.
• Manage and or resolve low, medium and high incidents and engage with Specialists to resolve the high complexity incidents.
• Facilitate and manage the incident and problem management process when stakeholder environments are affected.
• Oversee the implementation of the information security changes and check for the short comings and risks.
• Interpret MIS and system logs/ reports with the view to analyse and correct any deviations against standards and best practices.
• Act as the 1st point of problem resolution for non-routine incidents and 1st line support for problems.
• Ensure compliance to standards and practises by familiarizing and keeping abreast of information security policies, rules.
• Document and maintain all relevant processes and procedures mindful of current policies and standards.
• Create and maintain information security standards.
• Oversee and monitor the information security environment according to set standards.
• Review and contribute to project documentation including business requirements, designs and implementation.

Job Responsibilities Continue

• Create design documentation according to relevant standards and practices
• Implement specific Information security technologies.
• Gain further exposure and experience on multiple technologies by job shadowing Information Security analysts III and Technical Specialist.
• Log submit and implement low, medium and high risk changes independently.
• Provide guidance and supervision to Administrators and Analyst I on implementation and changes.
• Oversee and ensure change was successful in certain cases and when required perform unit testing.
• Analyse logs and reports independently and provide supervision to Administrators and Analyst I.
• Monitor and action Service Manager low, medium and high impact incidents and e-mails related to Information Security.
• Ensure job related tasks and processes are in place.
• Conduct risk and root cause analyses around exceptions, queries.
• Improve personal capability and to stay abreast of developments in field of expertise by identify training courses and career progression opportunities for self through input and feedback from managers.
• Ensure information is provided correctly to stakeholders by maintaining knowledge sharing knowledge with team.
• Identify and recommend opportunities to enhance processes, systems and policies and support implementation of new processes, policies and systems.

Essential Qualifications - NQF Level

• Matric / Grade 12 / National Senior Certificate
• Advanced Diplomas/National 1st Degrees

Preferred Qualification

• A+, N + S+ or equivalent

Preferred Certifications

• Relevant Information Security Certification

Minimum Experience Level

• At least 8 years in an IT environment of which at least 5 years in information Security

Technical / Professional Knowledge

• Administrative procedures and systems
• Data analysis
• Governance, Risk and Controls
• Principles of project management
• Relevant regulatory knowledge
• Relevant software and systems knowledge
• Cluster Specific Operational Knowledge
• System Development Life cycle(SDLC)
• TCP/IP
• Information Security terms and definitions
• Relevant Operating System
• Information Security policies and procedures
• Vendor Management Principles

Behavioural Competencies

• Applied Learning
• Communication
• Collaborating
• Customer Focus
• Initiating Action
• Managing Work
• Technical/Professional Knowledge and Skills