Information Security Consultant
- Grade 12 with Mathematics
- Preferably a post matric qualification in Information Technology (Computer studies, Security+, etc.)
- ISO27001 and CISSP will be beneficial
- Good understanding of the SEB business environment
- Good interpersonal and negotiation skills
- End-to-end ownership of tasks and responsibilities (To ensure timeously delivery of tasks of an agreed quality)
Knowledge and experience:
- 5 Years working experience in an Information Security function
- 3 Years working experience on Active Directory and Linux (including Samba) security configuration.
- 1 Year business analysis exposure.
- 1 Year involvement with planning and execution of the change management process.
- Information Security Management
- Document and maintain application security policies & processes.
- Give input and/or evaluate development specifications to ensure compliance to information security policies and standards.
- Identify and/or log mitigation instructions for information security risks and or vulnerabilities
- Identify and/or log mitigation instructions for Security baseline non-compliance instances.
- Log mitigation instructions to resolve information security related audit findings.
- Do testing of security related deployments across the various development environments and production.
- Logical access
- Create and maintain security groups/profiles on the various applications
- Create new and add/remove/change users/user accounts to the various applications
- Implement and maintain effective reporting for user management on the various applications
- Audit controls & support
- Ensure that controls/reports – to monitor compliance to security policies and standards – are executed.
- Maintain records of completing these controls for input to the audit process(es)
- Collect and submit data to the various audit processes.
- Handle requests for additional information from the auditor(s)
- Facilitate the requests from auditors who requires input from third parties (GTI, BCX, MIP, etc.)
- Assist management to report on the progress of mitigation actions on previous findings.
- Business support
- Support projects and release teams during deployments
- Assist SEB IT Operational Support with security related business issues
- Facilitate Active Directory related issues for users and computers
- Facilitate file share/NTFS access requests
- Facilitate Linux and Samba Share access and support
- Facilitate firewall rule change requests.
- Assist the Disaster Recovery coordinator during exercises with security related issues.
- Team player
- Self-motivating / self-driven – focus in delivering results
- Detail orientated