Company: Premiere

Reference # LT002

Published 31/07/2019

Contract Type: Contract 36 Months

Location: Gaborone, South East, Botswana

Our Client in the microfinance industry is looking for suitable candidates to fill in the position of Cybersecurity Security Specialist.

Specification
1. Protect the Bank from unauthorized access to information and breaches by analyzing vulnerabilities and threats with the view to implement, improve implementation and Administer controls such as Identity and Privilege Access Management and Data-Loss Prevention solutions that enforce the least privilege and need-to-know compartmentalization;
2. Minimize the banks attack surface by enhancing Vulnerability Management and System Hardening:
Vulnerability Management to ensure that Vulnerabilities are prioritised and managed within reasonable timeframes and that controls are implemented where residual risk remains high;
Report Assets and vulnerabilities whenever required by the business using banks chosen metrics;
3. Work with technical controls that enforce the detection of security breaches:
Incidents and Breaches must be handled as per banks Incident Management plan in timeous fashion and reported properly;
Events must be reported continuously using banks chosen metrics system;
4. Consults with functional unit management and personnel to identify, define and document business needs and objectives, current operational procedures, problems, input and output requirements, and levels of systems access to ensure proper control of digital assets by creating standards, roles and lists and groups that will enforce good security principals;
5. Research, recommend and review new IT security systems and solutions to ensure the Bank uses modern solutions to address exposure to fast-changing global security risks and make recommendations to IT Management for medium to long term planning;
6. Identifies opportunities for improving business processes through information systems and/or non-system driver changes; assists in the preparation of proposals to develop new systems and/or operational changes;
7. Creating and implementing security-rel3058ated disaster recovery plans by conducting disaster recovery planning and testing on controls within the scope of the role, in case of a disruption to business operations ensuring that at least the same level of security will exist during disasters and their aftermath and where not possible that business is aware of the risk and its potential impact;
8. Continuously make all staff in radar more aware of their responsibility in making the organization more secure. Attention should be focused especially on staff whose duties gives them privileged access or whose functions can make or break security and privacy;
9. Document security systems technically and administratively;
10. Attend to various related tasks as assigned by the Group ISM.

Requirements
Bachelor’s Degree in Computer Science or Diploma in Information Systems with 5 years Information Security experience in a Security Engineering role
• As many Security Industry related Certifications as possible e.g. CISSP, CISA, CASP+, CEH, OSCP, any GIAC, any SANS etc.
• Product Specific Qualifications like Cisco Security Certs, CCSA/E, F5CA/CTS/CSE, Fortinet NSE4-8 but some specifically in IAM, PAM, V/M and DLP solutions.
• Proof of continuous learningTechnical:
• Understanding and knowledge of control frameworks ISO 27002 and CIS
• Information Security Engineering Experience
• Information Security Architecting Experience
• Solid Technical experience in the following areas a must: o IAM (including SSO and MFA) & PAM o SIEM & AI detective network-based tools o Deception-based network security tools o Vulnerability Management including S/W & H/W Asset control o DLP
• Strong Administrative Experience on mentioned security tools
• Technical writing including the creation of policies, standards, procedures & guidelines
• IT Security Audit fundamentals
• Sound IT Security systems concepts and principles
• Complex modelling techniques

Job Closing Date 07/08/2019