QHSSE Security Specialist - Risk & Auditing at Thales

Missions and responsibilities

Logical Security

• Assist with audits relating to Card certification authority requirements, namely Visa, MasterCard, Diners, and Amex for banking related activities.
• Assist with audits relating to non-secure activities, namely GSM.
• Assist with security induction training when requested.
•  Maintain a level of understanding of computer systems and threats each type of system can occur.
• Assist with monthly reports to corporate security

Physical Security

• Assist with audits, investigations, crime trends and system detection.
• Conduct daily/Weekly, and Monthly vault auditing.
• Define risk areas on an ongoing basis using site and process evaluation, system reports and video audits to identify high risk areas, suspicious trends, suspects and incidents.
• Implement audit criteria and audit security system for realisation of system potential, integrity and adherence to specified standards.
• Analyse alarm events and logs to assess adherence to standard procedure and identify follow up requirements.
• Follow up and manage the completion of audit trails on the shop floor to ensure correctness;
• Creation of procedural documentation, daily report on issues, challenges etc in terms of process/ vault concerns, challenges, event, etc.
• Formulate, plan and initiate investigations and information gathering strategies and involve relevant personnel and agencies where necessary;
• Manage the development of crime profiles and specify priorities and targets for surveillance and investigation.
• Interpret system data to establish trends and questionable combinations of events as indicators of suspicious activities.
• Assist with the management of the guarding.

HSE

• Conducting HSE Inspections.
• Assist with Risk Assessments.
• Complying with Occupational Health, Safety, and Environment Standards.
• Conducting HSE Training to all employees and contractors.

Impact

• Candidate must be prepared to under the integrity checks every six months (criminal, credit, and polygraph examinations).
• Signing of Corporate Code of Conduct and Non-Disclosure Agreement.  The job holder shall at all times during the employment with the company, respect and comply with the Gemalto security requirements during the performance of his/her duties.

Education Requirements

• Matric certificate
• Registered with the Private Security Regulatory Authority of South Africa (at least to Grade B);
• Possession of qualifications in investigations, auditing and risk assessments will be reviewed favourably
• Engagement in further studies (Security risk management) will be view favourably
• Exposure to MasterCard/Visa security requirements will viewed favourably.
• Must have experience/knowledge in Investigations, Audits, Risk Assessments.

Skills Requirements

• MS Office, Computer BMS (Building Management Systems) and Electronic Stock Tracking systems.
• Principles and application of information system concepts and technology in the security environment.
• Information security related certificates or diplomas optional, Network +, and Security+.
• Understanding of CISSP book of knowledge.

Personality requirements

• Assertive
• Attention to detail
• Conscientious
• Goal orientated
• Initiative
• Integrity
• Methodical
• Objective
• Persevering
• Precise
• Questioning

Knowledge

• Risk auditing and analysis, investigation techniques and practical exposure to criminal investigation cases

Technical Skills:

• Signing of Corporate Code of Conduct and Non-Disclosure Agreement.
• The jobholder shall at all times during the employment with the company, respect and comply with the Gemalto security requirements during the performance of his/her duties.
• Adhere to the rules, HSEQ procedures, applicable legislation, and other requirements to which Gemalto Southern Africa Subscribe.
• Ensure that the requirements to the ISO IMS system is implemented, maintained and continually improved in your area of responsibility.
• Subject to a clear criminal and credit record check.
• Compliance to the GSMA SAS Standards
• Participate in WCE initiatives and projects
• Compliance to the PCI Standards.