Administrator: Cyber Security

Purpose of the Job: Reporting to the Manager: Cyber Security Operations, the successful incumbent is responsible for the day-to-day technical administration of cybersecurity tools and devices, as well as first-level support for security service requests and incidents.

Key Performance Areas

Security Administrative Duties

• Perform user and access administration on designated systems and applications, in accordance with defined policies, standards and procedures of the organisation.
• Perform system security administration on designated technology platforms, including operating systems, applications and network security devices, in accordance with the defined policies, standards and procedures of the organisation, as well as with industry best practices and vendor guidelines.
• Perform installation and configuration management of security systems and applications, including policy assessment and compliance tools, security appliances and endpoint security systems.
• Support initiatives for threat and vulnerability assessments, in some cases followed by appropriate remedial action, to ensure that systems are protected from known and potential threats and are free from known vulnerabilities.
• Support application of patches where appropriate and, as directed by responsible security officers or management.
• Support initiatives to remove and mitigate known control weaknesses, such as unnecessary services or applications or redundant user accounts, as a means of hardening systems in accordance with security policies and standards.
• Support security awareness programs with the organisation.
• Researches, recommends, evaluates and implements cybersecurity solutions that identify and/or protect against potential threats, and respond to security violations.

Security Service Requests and Incidence Response

• Participate in investigation, analysis and review following any security breach/incident.
• Participate in defining and implementing the comany's processes to record the security incident details.
• Ensure security incidents/requests are recorded in the company incident management system before attending
• Respond and remediate incidents and requests within statutory time periods.
• Responds to level 1 security incidents and, where appropriate, escalate reported security incidents and requests.
• Performs normal and exceptional processing of user access and change requests, escalating such requests when appropriate.

Reporting

• Preparation of regular information security practices reports, compiling data for senior management and technical teams.
• Reports unresolved network security exposures, misuse of resources or noncompliance situations using defined escalation processes.

Stakeholder Management

• Support the facilitation and management of communications with relevant internal stakeholders on ICT Security matters, under the guidance of the Seniors and ICT Management.
• Provide assistance to IT operational staff regarding systems security processes, policies, and controls based on established guidelines.

Qualifications and Experience

• Bachelors Degree/ Advanced Diploma in Information Systems, Computer Science or related qualification.
• Relevant 3 years experience in IT/ Service Desk Operations or Network Security experience.

Technical and Behavioral Competencies Required

• Planning, organisation and coordinating.
• Personal Mastery
• Judgment and Decision Making
• Ethics and Values
• Client Service Orientation
• Access management security knowledge and experience.
• System and Database security knowledge and experience.
• Information Security knowledge and experience (Standards, Procedure, Process and Best Practice e.g.: ISO 27001/2, CoBIT, ISF SOGP, ITIL.
• Advanced Microsoft OS skills.
• Understands Company's Business Ethics and Values.
• RAF Policies, Standards, Process and Procedures.
• Knowledge of SAP Security Platforms.
• Knowledge of COBIT and ITIL.
• Understanding of the threat landscape.
• Data leakage prevention.