Key Roles and Responsibilities:
Monitors security alerts and events from various sources, investigates potential threats, and escalates incidents as necessary.
Assists in the implementation and monitoring of security controls, including firewalls, intrusion detection systems, and access controls.
Performs regular vulnerability assessments, analyses scan results, and assists in prioritising and remediating identified vulnerabilities.
Supports the incident response team in investigating security incidents, documenting findings, and participating in remediation efforts.
Assists in ensuring compliance with industry standards (e.g., GDPR, ISO 27001) by conducting assessments and implementing necessary controls.
Installs security measures and operates software to protect systems and information infrastructure, including firewalls and data encryption programmes
Documents security breaches and assesses the damage they cause
Works with the security team to perform tests and uncover network vulnerabilities
Fixes detected vulnerabilities to maintain a high-security standard
Develops organisational best practices for IT security
Performs penetration testing
Upgrades systems to enable security software
Installs and upgrades antivirus software
Tests and evaluates new technology
Assists with the installation of security software and understands information security management
Researches security enhancements and makes recommendations to management
Stays abreast of information technology trends and security standards
Contributes to security awareness initiatives by creating training materials, conducting workshops, and educating employees about best security practices.
Maintains accurate records of security incidents, assessments, and actions taken for reporting and audit purposes.
Assists in the management and maintenance of security tools, including antivirus software, encryption tools, and security information and event management (SIEM) systems.
Participates in risk assessments to identify potential security threats, vulnerabilities, and associated risks to the organisation.
Collaborates with cross-functional teams, IT, and other teams to ensure security measures are integrated into the organisation's processes and projects.
Knowledge, Skills and Attributes:
Seasoned, experienced professional; has complete knowledge and understanding of area of specialisation
Uses evaluation, judgment, and interpretation to select the right course of action
Excellent communication skills to effectively convey technical information to non-technical stakeholders
Excellent analytical thinking and problem-solving skills to prevent hacking on a network
Strong leadership skills to identify and evaluate potential risks and to develop solutions
Ability to identify and mitigate network vulnerabilities and explain how to avoid them
Proficiency in understanding firewalls, proxies, SIEM, antivirus, and IDPS concepts
Proficiency in understanding patch management, with the ability to deploy patches in a timely manner whilst understanding business impact
Proficiency with MAC and OS
Familiarity with security frameworks, standards, and regulations (e.g., NIST, CIS, GDPR)
Proficiency in understanding network and system architecture, protocols, and security controls
Strong analytical skills to analyse security incidents and assess potential risks
Ability to work both independently and collaboratively in a fast-paced environment
Academic Qualifications and Certifications:
Bachelor's degree or equivalent in information security, cybersecurity, computer science, or a related field
Security certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM) are advantageous
Required Experience:
Seasoned demonstrated experience in information security or cybersecurity, or related roles
Seasoned demonstrated experience working in a global IT organisation
Seasoned demonstrated experience with computer network penetration testing and techniques
Seasoned demonstrated experience with security assessment and vulnerability scanning tools