- Published on
GAUTRAIN MANAGEMENT AGENCY (GMA) - SPECIALIST: INFORMATION COMMUNICATION AND TECHNOLOGY SECURITY
GAUTRAIN MANAGEMENT AGENCY (GMA)
SPECIALIST: INFORMATION COMMUNICATION AND TECHNOLOGY SECURITY
44 Grand Central Boulevard, Midrand, Gauteng 1682
Job Description
The Gautrain Management Agency (GMA) is a Provincial Public Entity listed in schedule 3 of the Public Finance Management Act. The GMA is established in terms of the Gautrain Management Agency Act, No. 5 of 2006 (as amended), to manage, coordinate and oversee concession agreements for the Gautrain rail transit system and assist the Province and other Organs of State in realizing their integrated public transport and rail – related objectives in the Province.
Purpose: To perform the day-to-day operations and monitoring of the in-place security solutions, identification, investigation, and resolution of security events and incidents detected by those systems. Secondary tasks include design and implementation of new security solutions or the enhancement of current solutions, participation in the creation and or maintenance of policies, standards, baselines, guidelines, and procedures as well as conducting vulnerability and risk assessments on IT systems. To be fully aware of the organisation’s security goals as established by strategies, policies, procedures, and guidelines and to actively work towards upholding those goals.
Minimum Qualifications: Formal Certification in the Information Security field or studying towards Information Security Certification.
Experience: 4 years’ experience in the information security field with a strong emphasis on cloud based technologies.
Competencies: Proven analytical and problem-solving abilities; Ability to conduct research into IT security issues and products as required; Excellent attention to detail; Strong interpersonal and oral communication; Highly self-motivated and directed; Strong organizational skills; Understanding of confidentiality and privacy issues, and the law relating to them.
Knowledge and Skills: Ability to perform cyber-attack path modelling; Knowledge and understanding cyber-attack techniques; Understanding of information and technology threat taxonomy; General Information technology knowledge; Intuition and keen instincts to pre-empt attacks; Excellent understanding and experience in vulnerability management; Ability to present ideas in business-friendly and user-friendly language; Strong understanding of the organization’s goals and objectives. Ability to effectively prioritize and execute tasks in a high-pressure environment. Able to work in a team-oriented, collaborative environment.
Key Responsibilities:
- Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.
- Recommend additional security solutions or enhancements to existing security solutions to improve overall security posture.
- Planning and design of IT security solutions, under the direction of the Information Security Officer (“ISO”).
- Perform the deployment, integration, and configuration of all security solutions and of any enhancements to existing security solutions in accordance to strategy, policies, frameworks and standards.
- Administer IT Security systems
- Develop, review and assess compliance to IT security standards.
- Provide input into the development of IT security strategy, frameworks, policies, standards and procedures.
- Manage and ensure the security of data, applications, user identities and devices on on-prem and cloud-based systems.
- Maintain up-to-date baselines for the secure configuration and operations of all in-place applications, workstations, cloud services, servers, network and firewall devices.
- Function as an internal consulting resource on IT security issues.
- Design and execution of vulnerability assessments, penetration tests, and security audits.
- Participate in the planning and design of business continuity, disaster recovery and security incident response.
- Participate in the execution of business continuity, disaster recovery and security incident response simulations
- Assess and report on GMA’s ICT compliance with respect to information security policies, procedures, standards and guidelines.
- Report on vulnerabilities
- Perform and report on administrator and end user security related activity reviews
- Review, analyse and report on security events on IT systems.
- Review and report on security controls
- Assess the impacts on system modifications and technological advances.
- Review systems in order to identify potential security weaknesses, recommend improvements to amend vulnerabilities, implement changes and document upgrades.
- Identify and manage IT security risks.
- Maintain the ICT Risk Register.
- Monitor and evaluate IT security threats.
- Research, develop, test and review information security initiatives in order to protect information and prevent unauthorised access.
- Relationships with employees, stakeholders and service providers.
- Build and maintain relationships with the GMA’s employees, stakeholders, service providers, researchers and other stakeholders
TERMS AND CONDITIONS
The GMA is an equal Opportunity and Affirmative Action Employer and is committed to the achievement and maintenance of diversity and equality in employment, especially in respect of race, gender and disability. In line with our endeavours to comply with the Employment Equity Act and meet our Employment Equity Plan numerical goals preference for this position will be given to African/Indian/Coloured/white Males and/or Coloured/Indian/White Females and/or Person with Disabilities (PwD). The GMA offers competitive market related salaries and the remuneration on a Total Guaranteed Package.
Kindly note that qualifying candidates will be required to complete the declaration of interest and confidentiality form. The incumbent will undergo verification of qualifications, State Security Agency Clearance and vetting process. Background checks will be conducted and additionally, the incumbent will undergo Psychometric and Competency Assessments.
Candidates are required to submit detailed CV together with their applications for the attention of Human Capital Unit.
Enquiries can also be mailed to the hr@gautrain.co.za or call or 011086 3556/7. Late and incomplete applications will not be considered. If you have not received any response from us 30 days after the closing date, consider your application unsuccessful.
CLOSING DATE: 19 OCTOBER 2020
APPLY ONLINE