Information Security Specialist - BankservAfrica

We provide skills, development opportunities and leadership support to our people so that they can hone their skills to do more and give more in support of each other, our clients, and our communities in a supportive, yet performance driven, environment.

WHO WE ARE

We're an innovative technology company with strong ties to the financial industry. Innovating bank interoperability since 1972, supporting the growth of the South African Economy and individuals across the continent, is what we excel at. Continuously striving for financial inclusion and providing everyone with access to the digital economy enabling them to do more, get more and benefit from financial inclusion so that they can give more.

WHAT WE DO

Access to financial Inclusion ensures individual growth and economic growth - securing the growth of the African nation. We have served this noble purpose for five decades across the African Continent and our growth spurs us on to do more, give more and include more.

We are firm believers in our people and the Adaptability Quotient (AQ) inherent in each of us that makes us strive to thrive. BankservAfrica have a high AQ and it is this quality that has driven our business to continuously innovate and evolve, building capability and capacity to include more, enabling greater access to the country’s financial landscape.

WHERE WE'RE GOING

The payments landscape is being modernised globally and, therefore, ours is an exciting industry to be part of. New technologies are the main thrust driving this change. Technology enables the possibilities, and people’s ingenuity creates opportunities.

As an enabler our future plans are orchestrated around assembling a central payments environment that actively seeks and acquires strategic partners to enable service extensions. The core of our Financial Services Platform is a fully interoperable, cloud-ready composite platform delivering real-time value transfer and settlement, enhanced by a range of value-added services. The platform will leverage technological advancements aimed at:

• Managing complex volumes
• Faster deployment and faster change
• Personalised user experiences, with standardised platform experiences being the norm

Doing more will be realised through our creation of platform extension partners who will benefit from our standardised API capability which they in turn can offer to their clients, giving more. We aim to include new Market Actors through our value chain extension which will allow 'pass-through' connection in those cases where an existing actor passes services through a new actor enabling them to give more to the ecosystem without compromising the security or the role of the heavily regulated financial institutions.

WHAT YOU WILL DO

We are looking to appoint a Information Security Specialist in our IT Security business reporting into the Manager IT Security Operations. You will be responsible for supporting the Cyber Defence Centre in its daily operations. This includes ensuring the defence and alerting capabilities are performing adequately, events raised by the SOC are analysed and remediation steps are taken were needed. Furthermore, the specialist will need to enable both proactive and reactive measures, these will include threat intelligence and threat hunting capabilities.

You will engage with the following stakeholders:

• Business Unit Owners
• Chief Technology Officer
• IT Risk Manager
• Enterprise Risk Manager
• IT Infrastructure team members
• Network team members
• Manager – End User Technology
• Internal Audit
• Systems Development team members

Key role responsibilities include:

Event Orchestration Management

• The collection, secure centralised storage and correlation of log, alert and event data from security systems, designated business critical systems (OS, Database and Application) and critical infrastructure components
• This includes the logging and tracking of security related issues and incidents to ensure successful resolution of potential incidents, problems, vulnerabilities, deviations and exposures

Cyber Intelligence & Threat Hunting (Detection)

• The collection, maintenance, reporting and response again Cyber/IT security threat intelligence
• The candidate will need to show an understanding of threat intelligence and threats as it pertains to organizations and the active and reactive measures that come in light of this information. This includes active threat hunting pre, during and post incidents

Incident Response, Recovery

• Security Incident Response and Recovery also considered, Incident Management is the organized approach to addressing and managing the aftermath of a security breach or attack (also known as an incident)
• The goal is to handle the situation in a way that limits damage and reduces recovery time and costs

Investigations Representative

• Investigation representation includes the support for further investigations, audit, and forensic support
• This also includes acting as a liaison between the other Cyber functions such as Assurance and Prevent and including other internal stakeholders such as GRC, Networks, IT and Audit

QUALIFICATIONS / KNOWLEDGE

• Tertiary qualification or equivalent experience in computer science and / or information systems or related technology infrastructure field
• Security Industry relevant certifications, e.g. CISSP, CISM, CISA, CompTIA – Security+, CEH (Certified Ethical Hacker)
• Understanding and application of the legislative and regulatory framework
• Experience in assessing, summarizing, and managing risk processes and methodologies in IT related environments (Risk related qualifications essential)
• Working knowledge of change management processes and frameworks
• Trend/root cause analyst from a vulnerability management perspective
• Proficient with Microsoft Programs
• Excellent written and verbal communication skills

EXPERIENCE

• At least 5 years in a large internal IT division or in a corporate IT company
• Minimum 5 years’ experience in IT Infrastructure or related field
• A sound background in technical/operational security is preferred
• Good commercial / business experience
• Excellent working knowledge of firewalling, intrusion prevention systems, proxies, gateways, network routing, switching
• Strong knowledge of TCP/IP, Internet facing services, Windows, Linux
• Working knowledge of Virtualisation (VMWare)
• Competent understanding of Penetration testing methodologies and techniques;
• Strong analytical skills
• Working knowledge of Security Event and Incident analysis
• Knowledge of various Unix scripting languages
• A good understanding of databases, database security technologies and measures
• Excellent knowledge of Directory Services, e.g. Microsoft Active Directory
• Proficiency in security architectures, design and protocols
• A good understanding of cryptography