Security Analyst - Information And Cyber Security

Security Analyst - Information and Cyber Security
Cape Town
12-month contract
**Our Client**:
One of the leading Universities in South Africa.
**What they offer you**:
- Flexible Working conditions
- Structured package to benefit your bottom line
- 100 % discount on education for the staff member
- Relocation Assistance
**Salary**:
The annual remuneration package, including benefits, is negotiable between R906 943 to R1 066 991, depending on experience and qualifications.
**The Position**:
Our client is seeking a talented Information Security Analyst, to join their Information and Cyber Security team. This is a role that plays a critical part in ensuring that they derive value from their investment in Information and Cybersecurity and report to the Senior Manager of Information and Cybersecurity Services in the Enterprise Infrastructure Services division.
You will be responsible for evaluating and strengthening the security posture through continuous vulnerability, incident handling, and security assessments. If you have the skills and are excited by all things cyber, then keep reading.
**Qualification and experience required for the contractor role**:
- Relevant qualification at NQF level 7 and
**Skills and competencies required**:
- Experience in handling the entire lifecycle of your assigned security incidents from detection to resolution and root cause analysis
- Knowledge and experience in implementing and configuring enterprise antivirus solutions (server and Desktop)
- Exposure to specialized IR processes such as reverse engineering, red/blue team exercises, forensics and investigations of data exfiltration and lateral movement
- System Administrator knowledge and working experience in Windows/Linux environments
- Fundamental knowledge and experience with Vulnerability and Patch Management within an Enterprise environment
- Experience providing security architecture guidance to systems administrators and developers
- Understanding of information security frameworks (e.G., ISO, NIST) and digital forensic methodologies and possible shortcomings they may have.
- Confidently and professionally interview/question users to determine or confirm root cause
- Communicate effectively with response and business partners
- Experience in providing status updates to executives and stakeholders in non-technical terms encompassing risk, impact, containment, remediation, etc.
- An autonomous / self-managed work style
**Advantageous Skills**:
- Scripting and basic programming in PowerShell and
- Building and monitor SIEM alerting and
- Current Industry-recognized certifications g., Security+, CEH, CISA, CISSP, OSCP
- Working understanding of applicable legislation (security and privacy)
- Relevant NQF 8 qualification and/or experience in Higher Education is advantageous
**Responsibilities include**:
- Monitoring the university’s network for information and cybersecurity anomalies
- Handling the entire lifecycle of your assigned security incidents from detection to resolution and root cause analysis
- Planning and implementing information and cybersecurity measures to protect computer systems, networks and
- Providing input to disaster recovery plans
- Performing risk assessments and recommending information and cybersecurity controls and technical measures (e.G., firewalls, data encryption)
- Recommending information and cybersecurity enhancements
- Developing and implementing information security related processes, systems, and services through project work
- Providing technical leadership for one or more information and cyber security systems and/or service components
- Contribute and participate in information security awareness drives and campaigns
- Develop and maintain security policies and procedures
- Review existing and new technology architecture for data privacy and protection compliance
- Review existing and new technology to ensure it adheres to corporate information security
- Work with information security engineering to ensure all security tools are deployed
- Educate and promote secure software development lifecycle
- Assess current technology architecture for vulnerabilities, weaknesses, and for possible upgrades or improvement
- Assist with Ad hoc duties from time to time
- Assist with Projects as allocated by the line manager