Job Description: Security Analyst
Employed by: Striata Communication Solutions (Pty) Ltd
Reports to: Head of Global Solutions
We’re looking for…
A logical and open-minded security specialist that has a good security foundation. A highly motivated individual who is willing to learn and implement new and exciting things.
Who are you?
You’re a critical thinker who can Safeguard information system assets by identifying and solving potential and actual security problems.
What’s the role?
The hands on control of security for an international company and management of Global systems. Tasks include items such as:
- Monitor, investigate and report on day to day operational incidents.
- Monitor toolsets for security events and conduct proper investigations.
- Be able to be a part of an incident response team and triage.
- Assess security incidents quickly and effectively and communicate a course of action to Regional Security SMEs.
- Compile and maintain information security incident reports. Ensure that all incidents are recorded and tracked to meet audit and legal requirements.
- Oversee and conduct root cause analysis to identify gaps and recommendations ultimately remediating risks to the organisation.
- Provide content creation and policy tuning for multiple security detection and alerting tools.
- Effectively manage reported system, application and device vulnerabilities and through remediation and maintenance in adherence with incident response procedures.
- Maintain all the security governance documents that are required to support the strategy/solutions.
- Develop and optimize processes to improve security threat identification and remediation.
- Maintain active understanding of industry practices for threat analytics and incident response.
- Assisting developers in secure coding best practices, risk mitigation techniques, and threat modelling.
- Explain, present, demonstrate (when applicable) and document the operational impact of a particular vulnerability, threat or risk.
- Monitor and maintain approved baseline network topologies and configuration.
- Vulnerability and penetration testing.
- Compile vulnerability and penetration testing reports according to the Global Security standard.
- Conduct Phishing campaigns.
- Provide security, technical, configuration, and architecture support to Regional security SME representatives as required.
- Day to day operational tasks as assigned.
- Due to the Global nature of the role and the different time zones, scheduled after-hours and weekend work might be required.
- The employee is required to be on standby for urgent escalations at all times.
Boxes to tick
- A minimum of two (2) years relevant work experience
- Experience using vulnerability management tools, firewalls, intrusion detection systems, and responding to network/computer intrusions and supporting inquiries
- Knowledge of information systems security principles and methods, the requirements for certification and accreditation of systems testing and evaluation, and performance management methods
- Knowledge of test and assessment methods to evaluate security authentication technologies
- Knowledge of standards like PCI, ISO 27001.
- Expansive general IT knowledge
- IT qualification on NQF Level 5 will be preferable.
You’re someone who…
- Has a PASSION for Security
- Is able to work independently and questions the status quo
- Has an above and beyond attitude
- Values constructive feedback
- Works well in a team
- Is proactive and service driven
- Is Honest and reliable
- Is able to remain flexible, function under pressure and maintain a positive attitude
- Is a highly energetic creative and lateral thinker
- Honest and reliable
- Self-motivated & well presented
- Demonstrate sound work ethics
- Amazing attention to detail
- Quick learner
- Effective listening and verbal and written communications skills
- Ability to communicate remotely with global team members
- Ability to multi-task and stay calm under pressure
- Excellent time management ability
- Highly organized, logical and structured individual