• Implementing cyber security reviews, identifying gaps in the company’s security architecture, and creating cyber security risk management plans.
• Implement secure configuration management processes.
• Identify and prioritize important business functions of the company in collaboration with relevant company stakeholders.
• Analysis of candidate structures, allocation of security services, and selection of security mechanisms.
• Define system security context, concept of operations and baseline requirements in line with the company’s applicable cyber security policies.
• Design detailed functional specifications that document the company’s engineering development process.
• Defining the security controls of information systems and networks and documenting them appropriately.
• Determining appropriate levels of availability for critical system functions, disaster recovery and continuity of operations requirements.
• Develop and integrate cybersecurity designs for systems and networks with multi-level security requirements.
• Develop and address corporate security engineering and systems security engineering requirements throughout the acquisition lifecycle.
• Ensure that acquired or developed systems and architectures comply with the company’s cybersecurity engineering guidelines.
• Read and translate technical blueprints, specifications, drawings, diagrams and schematics related to systems and networks.
• Detecting and documenting the security controls of the company’s systems and networks.
Knowledge:
• NCA ECC Standard.
• The NIST CSF Framework.
• ITIL & COBIT standards.
• SAPSA Framework.
• Network access, identity management, access and access authentication methods.
• Operating systems, network traffic protocols and methods, management systems testing and evaluation methods.
• Concepts and functions of an application firewall.
• Requirements for confidentiality, integrity, availability and data security standards relating to personally identifiable information
• Configuration management techniques and embedded systems and how cybersecurity controls can be applied to them.
• Network design processes, including security objectives, operational objectives, and trade-offs.
• Network hardware hardware and functionality, network technologies, multi-level security systems, and cross-domain solutions.
qualifications:
• Bachelor’s degree in Computer Science, Software Engineering, Information Systems or a related field.
• 7-15 years of experience in information security and IT risk management.
• Experience working with common information security standards, such as: ISO 27001/27002, NIST, PCI DSS, ITIL, COBIT
• CISSP, CISM, CISA, CEH, SABSA Chartered Security Architect, CompTIA Security + or equivalent certifications.
We are a national group formed on the foundations of social responsibility and building the value gained with hard work and the quality of outputs that contribute to creating a fertile production environment for our valued customers so that they can present their work according to balanced performance standards that ensure continuity and reduce expected risks.