Job Description
The IT Security Analyst's main purpose is to ensure compliance with the Information Technology and Information Security policies of the company and supporting standards on an ongoing basis by participating in IT projects to ensure security requirements are considered and met, measuring compliance before projects are implemented and enhancing the security controls by continuous review.
- Strong client-facing communication skills and delivery focus.
- Ability to capture an overall view on technical and security issues
- Excellent interpersonal skills and the ability to stay motivated under pressure
Responsibilities
- Responsibilities include IT security architecture
- Conducting risk analysis
- Evaluating new data and IT security technologies.
- The function is responsible for ensuring an effective balance between the cost of security controls and the ROI of the information being protected.
Person Specification
You will ideally have experience in the following technical areas.
- 7+ years of IT experience with a focus on IT Security.
- Bachelor degree in Information Technology
- Holders of industry recognized certification viz. CISA, CISM, CISSP are a huge plus.
- Knowledge of industry security frameworks including ISO17799/27001, CoBit, and ITIL
- Experience of Security Architecture Design and Implementation, Wireless and Network security, system monitoring, Vulnerability Detection and Remediation, and Windows security knowledge a huge plus.
- Experience with security policy compliance tools and control processes
- Experience in Web application security including secure application development (security in SDLC phases) and architecture an asset.
- Defining security strategy and framework, policies, standards, and process, and the security blueprint
- Conducting IT Security Audit & Compliance Assessments
- Providing input to program design and help ensure compliance with security standards, policies and processes.
- Good analytical and problem-solving skills
- Able to manage successful relationships, can influence stakeholders.
- Good communication skills (both written and verbal)