IT Security Analyst at Rose Avenue Group

Job Responsibilities

Monitoring

• Continuously monitor security systems, logs and alerts to identify and mitigate potential threats.
• Ensure the confidentiality, integrity and availability of the data residing on or transmitted to/from/through enterprise workstations, servers and other systems and in databases and other data repositories.
• Ensure all systems interfaces are secured from any intrusion and all users’ activities are logged and users’ activities in systems are detailed and traceable.

Analysis

• Investigate, analyze and respond to security breaches, ensuring rapid containment and resolution.
• Periodically perform vulnerability assessments & penetration tests on systems and technology, identifying vulnerabilities and recommendations on closure of these vulnerabilities.
• Analysis of data from user and network monitoring to ascertain legitimacy of high priority activities noted.

Reporting

• Actively review application, server, database, network logs and audit trails and report.
• Provide and analyze departmental self-assessment reports on all systems controls to assist in focused controls.
• Pro-actively and comprehensively provide guidance on tools required to effectively manage and control company systems environment.
• Be involved in providing forensic data to all reviewers i.e. investigators, analysts, auditors etc.
• Provide Cyber security dashboard report for IT Committee, Executive management and board.

Review

• Review all issues logged by users and analyze trends as relates to systems security management.
• Conduct training sessions and awareness programs to educate employees and stakeholders on the latest cyber security threats and best practices
• Be involved and provide security guidance during technology projects, systems deployment, upgrades and changes.
• Continuous review of systems at all levels i.e. servers, applications, database, network devices etc., identify risks and make recommendations on closure of the risks.
• Collaborate with the IT teams to implement security tools, frameworks and system hardening techniques.

Implementation

• Manage all external parties’ access to infrastructure and systems and have detective measures for intrusion.
• Ensure that the infrastructure network LAN / WAN is secure from any intrusion.
• Establish and Maintain the Business Continuity Plan and Disaster Recovery Plan.
• Spearhead a compliance program to achieve industry standards, regulations, best practices, legal obligations and business goals by prioritizing initiatives and assessing the evaluation, deployment, and management of current and future technologies.
• Establish and implement the company’s security documents (policies, standards, baselines, guidelines and procedures).
• Enforce patches, version management and virus control.
• Pro-actively enforce and plan to ensure all noted risks are mitigated and potential threats addressed immediately.
• Carry out any other duties that may be assigned from time to time

Other Requirements

• Degree in Cyber Security, Computer Science or IT
• CompTIA Security+; CISSP Certification is highly desired
• 3 years’ relevant experience in Cyber Security or IT Security
• Experience with SIEM tools, IDS/IPS, Firewalls, Endpoint Security and Security monitoring tools, scripting or automation (Python, PowerShell)
• Knowledge of networking protocols, operating systems and cloud Security.