Sen Specialist: IT Security Engineer (FTC)-(Cloud Integration Specialist) at The South African Revenue Service (SARS)

Job Purpose

• To be responsible for identify shortcomings in SARS processes, gaps in systems that allow fraud, trends of activities where SARS is defrauded, and  to assist in designing  controls and solutions to mitigate identified  risks and to reports on suspicious and unauthorized activities on the SARS IT Systems.

Education and Experience

Minimum Qualification & Experience Required

• Bachelor's Degree / Advanced Diploma (NQF 7) in Computer Science, IT or related fields, AND 8-10 years' experience in an Information Security Operations, of which 3-4 years at Junior specialist level

OR

• Senior Certificate (NQF 4) AND IT Qualification (s) / Certification (s) Information Security, and 8-10 years’ experience in an Information Security Operations of which 3-4 years at Junior specialist level, AND additional requirements as specified in the Min Functional requirements. 

ALTERNATIVE #

• Senior Certificate (NQF 4) AND 15 years’ experience in Information Security Operations, of which 3 - 4 years at a junior specialist level AND additional requirements as specified in the Min Functional requirements.

Minimum Functional Requirements

• 3-4 years’ experience in IT Security with 2 – 5 Year SQL experience.

Job Outputs:

Process

• Analyse and make recommendations about improvements to specialist systems, procedures and associated area's practice.
• Contribute to the optimum utilisation of org. resources, advising on effective planning and development of area of specialisation resource plans.
• Develop a single practice area in alignment with operational activity and procedural frameworks and ensure tactical implementation.
• Draw on own technical or professional expertise, knowledge & experience to identify & recommend tactical solutions to defined problems in practices.
• Integrate business information, compare, analyse and produce reports to identify trends, discrepancies
• and inconsistencies for decision making purposes.
• Optimise goal achievement through tactical strategy implementation and optimisation of practises, processes and systems across an internal value chain.
•  Plan for value-added, continuous practice and system improvements to deliver on objectives to enhance tactical implementation and excellence.
•  Proactively identify interconnected problems, determine its impact and use to develop best fit alternatives; best practice implementation solutions.
•  Recommend changes to optimise processes, systems, practice areas and associated procedures and execute the implementation of change and innovation.
•  Translate top-down policy, apply modification in relation to own practice area and communicate impact to relevant stakeholders.
• Develop technical strategic and/or process and/or mitigation measures to security, application and system vulnerabilities across IT landscape.
•  Design and develop reports that will provide visibility to line managers in order to manage any risks within their respective areas relating to fraud, prevention of fraud and access to information.
•  Provide support to Network Security support with all internal/external audits and security assessments related to area of responsibility.
•  Initiate and develop the resolution of negative audit findings reported by internal or external auditors in area of responsibility.
•  Develop intermediate controls in parallel with long term controls.
•  Report on performance of team, status updates on outstanding tasks, escalation of high impact risks.
•  Provide expert analysis IT Security mitigation implementations and develop recommendations in order to address any risks identified within the IT Security infrastructure, application and system environments relating to fraud and prevention of fraud or access to information.
•  Giving input to risk management principles through risk assessments, risk mitigation proposals, and inputs on various forums including but not limited to change/release management processes, projects, governance initiatives, audit requirements, vulnerability assessments and other processes.
•  Provide input to current/new IT Security strategies, architectures, policies, standard, procedures, SOPs, user training material and guides or other organisational policies which influences IT security to align with business and audit requirements relating to the prevention of fraud or access to information.
•  Measure impact of controls against Policies, Processes and Guidelines of SARS, as well as relevant legislation.

Governance

• Develop and/or align governance and compliance policies for own practice area to identify and manage risk exposure liability.

People

• Integrate new knowledge and transfer skills attained through formal and informal learning opportunities in the execution of your job.
• Provide specialist know-how, support, advice and practice thought leadership in area of expertise.

Finance

• Implement and monitor financial control, management of costs and corporate governance in area of specialisation.

Client

• Develop & ensure implementation of a practice that builds service delivery excellence & encourage others to provide exceptional stakeholder service.
• Participate in the specialist practice community and contribute positively to organisation knowledge management.
• Provide authoritative, specialist expertise and advice to internal and external stakeholders.

Behavioural competencies

• Accountability
• Analytical Thinking
• Attention to Detail 
• Commitment to Continuous Learning 
• Conceptual Ability 
• Expertise in Context
• Fairness and Transparency
• Honesty and Integrity
• Respect
• Trust

Technical competencies

• Business IT Systems 
• Business Knowledge 
• Data Collection and Analysis
• Efficiency improvement
• Functional Policies and Procedures 
• Business IT Systems 
• IT Knowledge 
• IT Network and Securities
• IT Strategy and Planning 
• Reporting
• System Thinking 
• Knowledge of IT Governance and Business 
• Efficiency improvement

Deadline:19th April, 2026