Information Security Analyst
Listing reference: sanbs_002201
Listing status: Under Review
Apply by: 1 May 2024
Position summary
Industry: Medical, Health & Social Care
Job category: Medical Research and Laboratory Sciences
Location: Roodepoort
Contract: Permanent
Business Unit: Constantia Kloof
Remuneration: R 569,942.00
EE position: No
Introduction
The purpose of an Information Security Analyst role is to safeguard the organisation's information systems and data by identifying and analysing vulnerabilities, implementing and monitoring security measures, investigating potential security incidents to protect our systems, networks and data. The Information Security Analyst contributes to maintaining compliance with relevant regulations, identifying and mitigating security risks, and ensuring the confidentiality, integrity, and availability of information.
Job description
KEY PERFORMANCE AREAS (KPAS)
KPA 1 Security Monitoring and Incident Response
1.1. Monitor, triage and report on Endpoint platform detections daily.
1.2. Monitor, triage and report on Firewall platforms detections daily.
1.3. Monitor, triage and report on SIEM platform detections daily.
1.4. Investigate and respond to security incidents and breaches.
1.5. Co-ordinate with the incident response team to contain and mitigate threats.
1.6. Document and report security incidents, providing recommendations for improvement.
1.7. Identify and implement mitigating controls together with the relevant stakeholders.
KPA 2 Improve the technical cyber security landscape.
2.1. Identify and develop improvement plans related to information security.
2.2. Coordinate the execution of improvement plans within ICT and report on progress to ICT Management.
2.3. Develop and manage vulnerability and patch management program.
KPA 3 Investigate, analyse and respond to real-time alerts within the environment.
3.1. Investigate and analyse alerts created by the implemented cyber security platforms.
3.2. Categorise alerts into true or false positive categories on the respective cyber security platforms.
3.3. Determine the correct course of action to address security alerts identified by the cyber security platforms.
3.4. Liaise with relevant stakeholders to mitigate the security alert.
KPA 4 Security Compliance and Auditing.
4.1. Assist in maintaining compliance with relevant regulations and standards.
4.2. At regular intervals, generate and analyse security platform reports to identify compliance breaches.
4.3. Determine the correct course of action to address compliance breaches.
4.4. Depending on the severity of the compliance breach, escalate breach to the relevant stakeholders.
4.5. Monitor the progress of remediation of compliance breach.
4.6. Update risk registers on a regular basis.
4.7. Monitor the effectiveness o security controls and propose enhancements.
4.8. Participate in internal and external security audits.
4.9. Provide support for compliance-related initiatives.
KPA 5 Monitor security-related resources for new and emerging cyber threats and technologies.
5.1. Stay current with emerging threats and vulnerabilities and report to ICT Management and advise ICT Stakeholders thereof.
5.2. Research and evaluate new security-related technologies and make implementation recommendations to ICT Management.
5.3. Develop and deliver security awareness training to end users.
KPA 6 Vulnerability Management
6.1. Conduct regular vulnerability scans and assessments on the SANBS environment utilising current security tools.
6.2. Analyse scan results, prioritising vulnerabilities and allocate into the various ICT business units to remediate.
6.3. Develop and manage remediation plans for vulnerability assessments.
6.4. Plan and conduct penetration testing.
6.5. Coordinate and plan remediation tasks to harden the SANBS ICT landscape.
6.6. Track and report on vulnerability management progress.
6.7. Stay current with emerging threats and vulnerabilities.
Minimum requirements
Education:
- Two or more of the following certifications: CEH, CompTIA Security , CompTIA Pentest , CompTIA CySa (CyberSecurity Analyst) CISSP, GSEC, an IT related degree or diploma, MCSE, MCSA, CCNA, CCNP,CCVP, any Azure related security certification, any AWS security related certification, PCNSE Palo Alto Network Certified Network Security Engineer, CCFA Crowdstrike certified Falcon Administrator.
- At least one year experience as a cyber security analyst managing and securing application and database solutions, both on-premise and cloud based
Experience and knowledge requirements:
- Technical knowledge of enterprise-class networking technologies such as firewalls, routers, switches and wireless access points.
- Thorough understanding of Microsoft’s enterprise technology platform, including Azure, Active Directory, SQL, Office365, and the Windows server and desktop operating systems.
- Working knowledge of Linux operating systems.
- Working experience with the following technologies : SIEM, vulnerability scanning and endpoint protection tools, next generation firewalls
Other (knowledge and skills), e.g. understanding of relevant legislation; knowledge of relevant company procedures.
- Experience implementing and/or enforcing security and compliance frameworks such as CIS, NIST, COBIT, and ISO 27001
