The FSCA's mandate is to enhance the efficiency and integrity of financial markets; promote fair customer treatment by financial institutions; provide financial education and promote financial literacy; and assist in maintaining financial stability in South Africa.
This is in line with the Twin Peaks model of financial sector regulations, as envisioned in...
Coordinate the annual information and cyber security assurance, control self-assessments and security penetration testing.
Ensure that the identity governance and access administration (IAM) solution performs in line with the service level commitments.
Ensure that the data loss prevention (DLP) solution performs in line with the service level commitments.
Manage and maintain identity threat protection and intrusion prevention solutions, and ensure that they function optimally.
Prepare monthly reports on ICT security events, incidents, breaches and policy or process violations in line with the response plans (CSIRP and CMP).
Prepare monthly operational reports on ICT security and risks, for presentation at management committees.
Coordinate the review of ICT security policies, standards and procedures in line with industry frameworks.
Ensure that the ICT security risk register and mitigation plans are updated quarterly or as required.
Coordinate the information requests for governance, assurance, audit and control assessments.
Requirements
A diploma/degree or equivalent in Computer Science or Information Technology, and relevant information security certification such as ISO/IEC 27001 Lead Implementer, ISC2 SSCP or ISACA CISM are preferred.
A minimum of 3 years of experience in information security, with a focus on information or cyber security assurance, governance and security risk management, is required.
Knowledge of industry regulations and frameworks including but not limited to the ECT Act, POPI Act, ISO/IEC 27001, NIST CSF and COBIT, and an understanding of ICT security policies, standards and procedures, is advantageous.
Strong technical knowledge of and experience with Linux-based operating systems (i.e. Red Hat, CentOS or Debian-based) is required.