Security Analyst at Teraco

PURPOSE OF THE ROLE

The Security Analyst is required to work inter-departmentally to identify and correct any flaws in our security systems. This role is responsible for developing and implementing secure network solutions, carrying out assessments and penetration testing with remediation, managing audit/intrusion and security technology systems, architecting, and engineering/developing trusted systems into secure systems.

This role will be responsible for design, implementation and support of NAC solutions, Firewall Management, SIEM and SOC solutions and vendor management, switching & server architecture and solutions, encryption solutions, MFA solutions, assist with IoT device security and secure WIFI solutions.

Note: this role has a requirement to support all sites. Therefore, it may include occasional travel to DBN and CPT, in addition to local travel in Johannesburg between sites.

MAIN FUNCTIONS OF THE JOB

• Leading efforts to counter security breaches and anticipating and reducing the likelihood of future security alerts, incidents, and disasters.
• Defining, planning, implementing, maintaining, and upgrading security measures, configured security policies, and controls.
• Writing reports and providing insights on the efficacy of the current security policies, incident responses, disaster recovery plans, and other security-related information.
• Assisting with the creation of updates and training programs to secure the network and train the employees.
• Keeping the security systems up to date.
• Monitoring security access and maintaining the relevant data;
• Monitoring and analysing threat and vulnerability bulletins and where required, implementation of remediation
• Conducting vulnerability testing and risk analyses to assess security and performing internal and external security audits.
• Analyzing security breaches to identify the cause and to update incidence responses and disaster recovery plans.
• Verifying and coordinating security plans with outside vendors;
• Establish best practices and standards;
• Review system changes for security implications and recommending improvements;
• Responding to cyber security issues;
• Logging and updating calls via the ticketing system;
• Incident Management of systems supported: Incident response, notification, resolution & logging;
• Problem management of systems supported: Resolution and logging;
• Engagement with OEMs and technical consultants;
• Maintaining Check Point Firewall Policies and associated documentation (if qualified to do so);
• Change control logging as it relates to the supported systems;
• ISO 27001:2022, PCI DSS 3.2, ISAE 3402 Type II compliance, Trusight, Board audits and client audits – participation in audits, remediation based on audit findings, monitoring and reporting, as it relates to supported systems

Requirements

SKILLS REQUIREMENT

• The ability to work in a high-stress environment.
• Excellent verbal and written communication skills, interpersonal, and teaching skills.
• Good anticipation, analytical, and problem-solving skills.
• High attention to detail
• Sense of urgency
• Tenacity
• Good knowledge of networking and server infrastructure
• The ability to remain current on the latest technology and best practices in information security.
• Very good knowledge of NIST cybersecurity standards and NIST best practices
• Ability to multi-task is essential.
• Ability to adapt to change.
• Open to learn and grow essential.
• Take accountability and ownership.
• Rule following
• Good team player, self-confident, motivated, and independent

QUALIFICATIONS AND EXPERIENCE

• A Bachelor's degree in computer science, programming, or related field.
• 1-5 years' experience in the field, such as security administration.
• Advanced training certifications may be advantageous (CISSP).