Senior Security Specialist - Menlyn at Assupol

Description

Strategy and Planning

• Create and maintain the enterprise’s security architecture design.
• Lead, Plan and Implement all security and network projects as per the Security Strategy and Security Program.
• Develop, implement, maintain, and oversee enforcement of policies, procedures and associated plans for system security and user system access based on industry-standard best practices.
• Design and implement disaster recovery plan for security systems, databases, networks, servers, and business applications.
• Assess a need for any security reconfigurations (minor or significant) and execute them as required.
• Keep current with emerging security trends and global threats.
• Collaborating with various departments in IT and business to steer the security journey, ensuring that our digital footprint remains secure.
• Conduct research on emerging products, services, protocols, and standards in support of security enhancements and development efforts.
• Continual enhancing of the security visibility and control for the 24/7 SOC team.

Acquisition and Deployment

• Select and acquire additional security solutions or enhancements to existing security solutions to improve overall enterprise security as per the enterprise’s existing procurement processes.
• Negotiate with different security vendors for better discounts, support and access to vendor training material for upskilling.
• Recommend, schedule, and perform security improvements, upgrades, and/or new purchases.
• Oversee the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.

Operational Management

• Deploy, manage and maintain all security systems and their corresponding or associated software, including firewalls, intrusion detection systems, PKI, MFA, DLP, and anti-virus software.
• Ensure the confidentiality, integrity and availability of the data residing on or transmitted to/from/through enterprise workstations, servers and other systems and in databases and other data repositories.
• Manage the implementation and execution of Data-Loss technologies enterprise wide.
• Ensure the enforcement of enterprise security policies, standards and guidelines.
• Manage security for local area networks, the company website, the company intranet, and e-mail communications.
• Plan and oversee penetration testing and vulnerability management of all systems to identify and remediate any system vulnerabilities.
• Monitor and report on security systems, and end-user activity audits.
• Supervise all investigations into suspicious/anomalous activity and provide on-going communication with senior management until resolved.
• Recommend, schedule (where appropriate), and apply fixes/enhancements, security patches, disaster recovery procedures, and any other measures required in the event of a security breach/incident.
• Dive into technical challenges when necessary, demonstrating a blend of leadership and hands-on skills to address critical security issues.
• Provide 2nd/3rd level support to the SOC first responders for incidents reported by the SOC team to ensure swift responses to threats/incidents.
• Engage in ongoing communications with peers in the Systems and Networking areas as well as the various business groups to ensure enterprise wide understanding of security goals, to solicit feedback and to foster co-operation.
• Manage and/or provide guidance to junior members of the team.
• Translates the business security requirements into technical implementation plans, working with the Server Team and other IT teams to ensure that the plan is practical, controls are sustainable, and implementation risk and adverse impact to servers, workstations and user productivity is managed and minimized.
• Work closely with other teams to ensure that security by design is in place.
• Engage with external security vendors, ensuring services align with our security standards and optimizing cost-efficiency.

Requirements

Knowledge and Skills

• Matric
• IT related degree/diploma