Cyber Security Specialist – Government Job Vacancies in Johannesburg

APMC

Introduction

We’re recruiting for the exciting new role of Cyber Security Specialist. The primary purpose of the role is to work within a team of Secure by Design and Security Architecture Specialists, in collaboration with the Privacy and Business Risk Teams to Perform Secure by Design Assessments against company policies and standards. This will include identifying potential cyber security risks for new products, services and operations and identify controls to minimise, mitigate or remove those privacy and security risks; implementation of the identified controls to ensure they are built into the product; providing assurance that privacy and security controls have been implemented before the product goes “live”; assessing security and privacy risks arising from changes to existing live products that impact the processing of personal data and ensuring security and privacy risks are addressed when decommissioning these products.

View our other positions on FacebookLinkedIn and Instagram.

Duties & Responsibilities

  • Identifying potential cyber security risks for new products, services and operations and identify controls to minimise, mitigate or remove those privacy and security risks
  • Implementation of the identified controls to ensure they are built into the product
  • Providing assurance that privacy and security controls have been implemented before the product goes “live”
  • Assessing security and privacy risks arising from changes to existing live products that impact the processing of personal data
  • Ensuring security and privacy risks are addressed when decommissioning these products
  • Driving  the delivery of Cyber Security strategy and maturity improvement or risk reduction initiatives into the business unit(s) to which you will be assigned
  • Provide technology security assurance, guidance and support to high profile projects
  • Ensure security is embedded in IT System and Network Infrastructure
  • Defining, implementing, and efficiently maintaining technology security controls and requirements
  • Ensure timely delivery of technology security assurance and support for projects, products and services
  • Ensure compliance with Legal and Regulatory requirements
  • Support Technology Security awareness programs and educational efforts within the business unit to which you are asssigned
  • Provide accurate and timely reporting of technology security risks identified during secure by design assessments, project engagement and propose remediation and mitigation options in line with policy and good practice
  • Fulfil key customers’ obligations and stakeholders’ expectation
  • Ensure financial efficiency in Tech Security Solutions
  • Ensure compliance with the applicable legislative and regulatory interpretation and corporate risk appetite;
  • Engage with the stakeholders on compliance to control effectiveness and deficiencies in the design and operating effectiveness of information security controls, design and recommend opportunities for continuous improvement;
  • Manage and conduct formal information security risk analyses, reviews, tests, audits and/or self-assessments;
  • Design appropriate remedial actions for identified risks, drive remediation of findings and management of risks and exemptions;
  • Assist to compile a report of information security risks in an appropriate way for different audiences;
  • Develop, manage and maintain an information security incident management capability;
  • Collaborate with various key stakeholders, and provide information security advice to stakeholders

Desired Experience & Qualification

  • 3 year Technical Diploma/Degree in Information Security, Computer Science or Engineering
  • An industry certification. The CISSP is strongly preferred, however CCSP, OSCP, CISM, CISA or other relevant certifications will be considered.  Security/IT Architecture qualifications such as SABSA, TOGAF etc and relevant security architecture experience will be an added advantage
  • Minimum of 3-5 years of experience in Cyber Security role
  • Knowledge of common information technology management / compliance frameworks such as ISO/IEC 27001, NIST CSF, ISF, PCI DSS, OWASP, SANS etc.
  • A deep understanding of Technology Security risks and mitigating solutions
  • A diverse security background with knowledge and experience in three or more of the Security Domains including: Security Assessment and Testing; Software Development Security; Security Governance and Risk Management; Security Architecture and Engineering; Communication and Network Security; Identity and Access Management; Security Operations; Asset Security. 
  • Specialist experience in Either DevSecOps, Application Security, Security Architecture or Offensive Security will be an added advantage.
  • Knowledge of operating systems such as Windows and Linux and how to secure them
  • Knowledge of and/ or experience  in creating and managing DevSecOps pipelines practicing CSA, SAST, DAST, and Security as Code will be an added advantage
  • Be well-versed in at least one of the programming languages like Java, PHP, Python, Ruby, and Perl so as to collaborate competently with software engineering teams within the organization to identify and implement opportunities for improvement and automation in the CI/CD pipeline.
  • Knowledge of Cloud and container technologies such as AWS/GCP/Azure, Docker, Kubernetes, and how to implement developer tools such as GitHub and Dependency management will be an added advantage.
  • Knowledge of configuration management tools such as Chef, Puppet, and Ansible will be an added benefit.

 

APPLY HERE : https://www.pnet.co.za/jobs–Cyber-Security-Specialist-Johannesburg-APMC–3462587-inline.html

To apply for this job please visit www.pnet.co.za.

Job Overview
Job Location