Information & Technology (IT) Security Specialist

Closing Date: 
Thursday, August 31, 2017
Location of the Job: 
Namibia
Reference Number: 
Nam 25/8/17-006
Reports To: IT Manager
 
Purpose of the Job:
The ICT Security Specialist primary objective is to research, develop, implement, test and review an organization’s information security in order to protect information and prevent unauthorized access. Thereby protecting systems by defining access privileges, control structures, and resources. 
 
Key Accountabilities:
1. Protect the Bank from unauthorized access to information and violations of IT systems by analyzing and assessing potential security risks and implementing and managing defensive counter measures such as firewalls, intrusion prevention systems and data-loss prevention solutions, to enable a safe computing environment;
2. Enforce user access control on various IT systems and infrastructure to ensure only authorized users have access to systems and provide updates and reports to IT Management and the Bank’s Risk Management function. Consults with functional unit management and personnel to identify, define and document business needs and objectives, current operational procedures, problems, input and output requirements, and levels of systems access;
3. Conduct security assessments by performing ethical hacking & penetration testing and on a regular basis to expose and report on weaknesses in security for the Bank’s IT systems & to make recommendations on solutions and mitigating actions;
4. Research, recommend and review new IT security systems and solutions (i.e. Firewalls, IPS, Threat Management etc.) to ensure the Bank uses modern solutions to address exposure to fast-changing global security risks and make recommendations to IT Management for medium to long term planning;
5. Identifies opportunities for improving business processes through information systems and/or non-system driver changes; assists in the preparation of proposals to develop new systems and/or operational changes; 
6. Creating and implementing security related disaster recovery plans by conducting disaster recovery testing in case of a disruption to business operations, in conjunction with the Bank’s risk management function to ensure effective continuity of business;
7. Improve the security posture of staff members by assisting with user awareness and security training of end users on an annual basis to reduce the effectiveness of social engineering and elementary mistakes that can cause security breaches; 
8. Maintain regular documentation on security systems and provide incidents & periodic reports on IT Security related matters by monitoring, reviewing and auditing systems for IT Management to ensure the security posture of the Bank is optimized and breaches to systems are reported on and mitigated in a timely manner;
9. Attend to various related tasks as assigned by the IT Manager
 
Required Knowledge and Skills:
Bachelor’s Degree in Computer Science with 3 years of relevant experience Or
3 year Diploma in Information Systems with 4 years of relevant experience  
Security Industry related Certifications are a distinct advantages 
 
Technical: 
Understanding and knowledge of ISO 27000 series of IT Security standards (more specifically 27002)
IT Security Audit fundamentals
Network security and security architecture
Penetration testing and ethical hacking
Sound IT Security systems concepts and principles 
Technical computer knowledge 
Complex modelling techniques 
Technical writing 
 
Analytical: 
Analytical and conceptual expertise
IT forensic analysis
Incident handling & analysis
Planning, documentation, analysis and business requirements management techniques  
Object-oriented analysis 
Evaluation of profitability/risk 
Testing, verification and validation techniques 
Creation of the Business Requirements Document - BRD 
Administrative and reporting abilities 
 
Management: 
Decision-making 
Fundamentals of project management 
Identity & Access Management 
Confidentiality, ethical behavior & integrity
Management of organizational changes 
Time management and personal organization skills  
Integrity and ethics 
 
General Responsibilities
Flexible in working under changing and different work settings. 
Maintain high team morale. 
Adhere to company and project standards and guidelines. 
Accurate time accounting and reporting of own work. 
Promptly escalate issues, which affect product delivery and quality that are beyond scope of influence and report it to reporting manager. 
Pay high attention to detail in all work. 
Quality, on time delivery of agreed deliverables. 
Contribute to the company knowledge base and process improvements. 
 
Technical Recommendation and Testing 
Co-ordinate testing efforts with QA 
Ensures issues are identified, tracked, reported on, and resolved in a timely manner. 
Works with IT personnel to identify required changes. 
Communicates needed changes to CAB team. 
 
Project Execution
Assists in enforcement of project deadlines and schedules. 
Takes input from supervisor and appropriately and accurately applies comments/feedback. 
Communicates and applies project standards. 
Manages resources in accordance with project schedule. 
Consistently delivers high-quality services to our clients. 
Understands the components of running a fiscally successful project. 
Acknowledges and appreciates each team member's contributions. 
 
Typical Working Conditions:
Work is performed in an office environment; continuous contact with other staff and/or the public. 
Occasional overtime and travel to outside branches is required.
 
Apply: