Senior Specialist: Cyber Security Operations (Gauteng) at Telesure Investment Holdings (TIH)

RESPONSIBILITIES

Information Security

• Define business impact of security incidents and identify and drive recommendations for change to prevent similar incidents. Ensure, through appropriate planning, execution, oversight of implementation and management of centralised and dedicated operations, TIH is able to appropriately identify, protect, detect, respond and recover to information & cyber security threats.
• Where possible, play the role of a lead-in to further enhancing and optimising said lifecycle.
• Ensure effective Threat Hunting and Threat Intelligence is performed.
• Conduct penetration testing/offensive security procedures as required.

Operations Management

• Supervise others working within established operational systems. Participate and take ownership during information & cyber security incident response activities, and specifically as it pertains to cyber security operations. Act as Incident Response Specialist /SOC /L2 Breach and Response as lead member. Escalation point for specialists as a Level 2. Oversee and perform Identity and Access Management and Privileged access Management tasks.

Risk Management & Analysis

• Develop and/or deliver a contingency plan for significant aspects of the risk management and/or control process. Maintain visibility of emerging information & cyber security threats and trends, and adjust operations activities to best defend against such threats.

Operational Compliance

• Monitor and review performance and behaviors within area of responsibility to identify and resolve non-compliance with the organisation's policies and relevant regulatory codes and codes of conduct.
• Take ownership of and optimise operation of dedicated and centralised cyber security technologies.
• This includes establishing relevant, operating procedures and other mechanisms to ensure consistent execution and quality outcomes.

Insights and Reporting

• Contribute to the design and creation of reporting strategies and templates.
• Lead execution of complex reports, identifying and interpreting complex patterns and trends, and translating those insights into actionable recommendations.
• Provide input on cyber security operations metrics and indicators.
• Report on key cyber security operations metrics and indicators to management and colleagues.

Stakeholder Engagement

• Develop stakeholder engagement through identifying stakeholders, finding out their needs/issues/concerns and reacting to these to support the communication of business information and decisions.
• Build and maintain relationships with teams and areas within TIH towards ensuring collaboration and overall successful functioning of cyber security operations across the organisation.
• Collaborate with the Enterprise Architecture function around strategic cyber security technology selection and investment, or technologies with an impact on cyber security.

Operational Procedure Development

• Draft policies, procedures, and related guidelines within an area of expertise to meet defined key principles and ensure compliance with external requirements. Take ownership of and drive maturity of operational technologies, associated workflows and procedures across a variety of areas such as Internet and dark web cyber threat exposure, network and communications security, endpoint security, identity & access management, application security for proactive and reactive technology protections, vulnerability management and incident response and forensics.

Cyber Security Project and Program Governance

• Clarify roles and responsibilities within the project team and ensure project compliance with the organisation's wider program and/or portfolio management decision-making structures and processes. Participate and positively contribute to governance forums, committees or groups within TIH.

Personal Capability Building

• Act as subject matter expert in an area of technology, policy, regulation, or operational management for the team. Maintain external accreditations and in[1]depth understanding of current and emerging external regulation and industry best practices through continuing professional development, attending conferences, and reading specialist media. Maintain and renew understanding of the information security operations landscape, both current and as it continues to evolve.

Building Capability

• Implement the formal development framework for a team, with guidance from senior colleagues.
• Provide informal coaching to others throughout the organisation in area of expertise.

Continuous Improvement

• Review existing operations in a major area of work and implement innovation processes to generate new ideas and ensure the required continuous improvement outcomes are delivered. Implement improvements and continuously mature cyber security operations activities.

 Requirements

GENERAL EDUCATION

• Grade 12/ SAQA Accredited Equivalent (Essential)
• Relevant industry certifications, such as Security+ ,CEH, MSCE, MCSA or equivalent (Essential)
• University degree in an information technology or related domain (Advantageous)
• Relevant Industry certification; OSCP or alternative in offensive or defensive security certifications (Advantageous)
• Relevant system / IT engineering certifications in on prem or cloud environments (Advantageous)

GENERAL EXPERIENCE

• 3 - 5 years' experience in information / cyber security (Essential)
• Strong experience and understanding Cyber Security frameworks and applying it (Essential)
• Experience in Security Operations (Essential)
• Exposure and/or experience in Security Architecture (Advantageous)
• Experience in Threat Hunting and Threat Intelligence (Advantageous)