IT SECURITY ADMINISTRATIVE

Key Responsibilities

  • Implement appropriate security controls to safeguard SABRIC’s information assets.
  • Respond to security incidents, including investigation and remediation.
  • Create and maintain accurate and complete firewall and router rules in accordance with applicable policies, process and standards, and review firewall and router rulesets bi-annually.
  • Create and maintain accurate and complete access control privileges in accordance with applicable policies, processes and standards and monitor users with high-level privileges.
  • Monitor network access to detect unusual activity that may threaten confidentiality, integrity or availability and take correct action.
  • Remain up to date with agreed standards, ensuring that SABRIC complies wherever possible.
  • Perform periodic compliance procedures and produce audit evidence, e.g., vulnerability scans, cardholder data searches, wireless walk-throughs, malware scan reviews, etc.
  • Troubleshoot and remediate vulnerabilities resulting from scans and annual penetration tests, subject to assessment of impact of changes with the Technology team.
  • Install, upgrade and maintain malware detection software, review weekly scan reports and take corrective action.
  • Remain abreast of emerging vulnerabilities and ensure the organisations are configured for resilience.
  • Research solutions to keep the organisation’s network up to date with the latest security technologies.
  • Document and maintain operational procedures, processes and configuration standards.
  • Ensure knowledge is transferred in the Infrastructure function by documenting and reviewing configurations, workarounds and assets.
  • Manage availability, capacity and performance of Technology infrastructure and contribute to continuous service improvement initiatives.
  • Manage problems through to resolution, troubleshoot technical issues and implement workarounds and/or solutions. Ensure Technology infrastructure, process and procedure documentation are reviewed and updated.W W W . S A B R I C . C O . Z A
  • Ensure the continuity of Technology Services, conduct disaster recovery tests, keep the battle box up to date, and manage backups and replication according to agreed service levels.
  • Serve as a backup to the Network Administrator and perform their role when required.
  • Support the Service Desk and Network Administrator in the performance of their roles when required.
  • Support the Technology sub-circle providing support to other roles within the sub-circle ensuring they are able to perform their roles without impediment and providing technical assistance when required.

Cross Role Support

  1. Serve as backup to the Network Administrator Role
  2. Support the Help Desk and Network Admin Support technician

Documentation

  • Document all security configurations and processes.
  • Document security related plans and projects.
  • Ensure that audit evidence is filed and available for annual internal audit.

Qualifications

  • Tertiary qualification in Information Technology or relevant equivalent hands on experience
  • Candidates with a CISSP (Certified Information Security professional) will be given preference
  • Exposure to ISO or PCI DSS or similar
  • Understands IT Service Management processes, exposure to ITIL, COBIT, etc.
  • Exposure to Azure Active Directory and Microsoft Security and Compliance

Experience
Essential:

  • At least 5 years current experience as a Security Administrator on a medium sized network of servers and desktop systems, with the ability to support a variety of technologies.
  • At least 3 years current hand on technical network administration experience

Knowledge and Skills:

  • Knowledge of SSL, HTTP, DNS, SMTP and IPSec and encryption techniques.
  • Strong technical experience on firewall technologies – FortiGate advantageous.
  • Solid technical troubleshooting skills, i.e., both for security and network administration.
  • Intermediate to expert IDS/IPS technical experience.
  • Intermediate to expert virus protection and content filtering experience.
  • Understanding of information classification policies.
  • Investigation and remediation of security incidents, i.e., understanding of associated processes and reporting.
  • Demonstrated technical understanding of VPN’s and remote access.W W W . S A B R I C . C O . Z A
  • Experience with vulnerability scanning tools, including web application vulnerability scanning tools.
  • Solid technical experience in IIS and Apache Tomcat.
  • Solid Microsoft Windows and Hyper-V technical experience.
  • Solid Linux and VMWare technical skills.
  • Solid experience in security awareness initiatives.
  • Solid networking experience, understanding of VLANS, routing and IP Addressing
  • Intermediate to expert Azure Active Directory experience
  • Intermediate to expert Microsoft Security and Compliance experience

Personality Profile
Behaviours and Competencies:

  • Self-driven, goal oriented with a positive attitude, and a clear focus on service delivery. Required to set goals and drive achieve them.
  • Mature, credible, reliable, well presented and business like, with good communications and interpersonal skills.
  • Ability to communicate well, especially in English, including, oral, written, presentation and listening.
  • Ability to work well alone or as part of a team.
  • Organised, analytical and capable of identifying and solving problems.
  • Keen for new experience and responsibility.
  • Ability to work well under pressure, calm and with clarity of thought.
  • Proactive with integrity.
  • Ability to maintain confidentiality.

Personal Situation

  • Able to commute reliably to office.
  • Must have a vehicle and drivers licence.
  • Able to work extended hours when required.
  • Access to a stable internet connection, preferably fibre with a bandwidth no less than 20Mpbs

Privacy Notice

By applying for this position at SABRIC, the applicant understands, consents, and agrees that SABRIC may solicit a credit and criminal report from a registered credit bureau and/or SAPS (in relation to positions that require trust and honesty and/or entail the handling of cash or finances) and may also verify the applicant’s educational qualifications and employment history.

It is confirmed that by submitting information to SABRIC, the applicant consents to the collection, collation, processing, and storing of such information and the use or disclosure in the recruitment process in accordance with the Protection of Personal Information Act.

SABRIC reserves the right not to appoint if a suitable candidate is not identified.

W W W . S A B R I C . C O . Z A Forward your CV and academic transcripts to salonag@sabric.co.za Should you not be contacted two weeks hereafter, please consider your application as unsuccessful.