IT Risk Security Specialist
Posted on Sep 18, 2021 by E-Frontiers
Due to increasing demands on IT Security resources owing to the implementation of a number of security projects, increased regulatory requirements and the general rise in cyber-security threats, we are looking to hire an IT Security Specialist. Reporting to the IT Security Manager, you will measure, report, monitor and improve the effectiveness of existing security controls and provide advice and recommendations to IT staff as to the implementation of new security controls.
You will be responsible for assisting in the implementation of security projects, identifying and implementing enhancements to existing controls where necessary. This position is a mixture of project and 'Business as Usual' work. There are minimal 'hands-on' operational responsibilities, but candidates will need to be comfortable with technology, and capable of independent research and analysis of security threats to new or emerging technologies.
- Assist the IT Security Manager (ITSM) in responding to security incidents.
- Monitor and report on the effectiveness of key security & IT controls.
- Maintain documentary evidence of security control effectiveness.
- Contribute to the maintenance and development of the IT Risk register and related processes
- Contribute to the introduction, maintenance, and development of security controls such as DLP, E-mail filtering, EUC application governance
- Generate monthly security reports
- Conduct and report on phishing tests
- Monitor compliance with security policies, identifying, documenting, and remediating deviations.
- Review & investigate the output of security tools, including Vulnerability Assessment, SIEM & automated scripts, for security vulnerabilities and significant changes to the security status of the organisation.
- Work with service delivery team to implement identified improvements or remediate vulnerabilities.
- Ensure the configuration of security controls such as email filtering, vulnerability management and Endpoint Detection and Response systems is optimal.
- Provide security policy implementation guidance to internal I.S staff.
- Monitor and action routine events and incidents reported to the security team.
- Work on multiple projects simultaneously.
- Maintain an awareness of security news and developments in industry standards.
- Comply with the Risk and Compliance frameworks, policies and procedures associated with the role
- Analytical, organised and problem-solving temperament by nature with the ability to troubleshoot issues independently
- 3-5 years' experience in Information Security, IT RISK or related discipline.
- Advantageous - one or more of Security+, CISA, CISSP or related certifications.
- Advantageous - Degree in Information Security or IT.
- Advantageous - IT Risk experience
- Advantageous - IT security compliance experience
- Advantageous - Knowledge of IT Security best practices
- Advantageous - Knowledge of Information Security and Risk frameworks such as COBiT, ISO 27001, NIST, CIS Top 20.
- Advantageous - Knowledge of Project Management methodologies.
- Excellent written and strong verbal communication skills.