- Published on
NATIONAL DEVELOPMENT AGENCY (NDA) - ICT SPECIALIST: SECURITY
NATIONAL DEVELOPMENT AGENCY (NDA)
PERMANENT POSITION
The National Development Agency (NDA) is a Schedule 3A National Public Entity with a mandate for poverty eradication and is accountable to Parliament through the Minister of Social Development.
The NDA hereby invites applicants from suitable qualified professionals to fill the following available position:
ICT SPECIALIST: SECURITY
Purpose
The position is responsible for performing ICT security access control, monitor systems, create awareness and related administration in order to create and maintain technology driven physical security infrastructure for ICT environment and protection of the NDA information. In addition, the position is responsible for the alignment of information security governance with the business objectives, information security strategy including compliance measurement, deviations and exemptions.
Division: Corporate Services
Reports To: Senior Manager: ICT
Position location: Head Office
Peromnes Grade:
Number of Direct Reports/ Supervision: 1
POSITION REQUIREMENTS
Minimum Qualification
National Diploma in IT
Network+, Security+ certification (COMPTIA)
Professional level Information Security Certification (CISSP / CISM / CISA)
Essential Experience
3 years relevant information security experience within a corporate ICT environment
Knowledge
Good knowledge and understanding of industry best practice with regards to IT Security controls such as: Anti-Virus/Anti-Malware, Patch management, Remote Access VPN, data and web content filtering, Data Loss Prevention
Good knowledge and understanding of company internal control procedures and risk policy
Good knowledge and understanding of NDA IT security policies and procedures or equivalent or equivalent.
Good knowledge and understanding of relevant desktop and server hardware and software
Knowledge of Security and different levels of Encryption and Authorisation Schemes
Skills & Abilities
Excellent communication skills
Problem-solving
Interpersonal skills
Decisiveness
Integrity
Resilience
Strong ICT technical ability
Good report writing skills
Risk Management skills
Main Areas of Responsibility
Information Security
Develop plans to safeguard computer files against unauthorized modification, destruction or disclosure.
Monitoring for data violations internally and externally.
Manage and monitor internal and hosting FIREWALL rules in conjunction with Networks.
Identify accurate causes of security violations.
Implementation of appropriate remedies to ensure data and systems security.
Perform periodical reporting on violations and notification to ICT Senior Manager
Proactive implementation of fixes and patches to block viruses and attacks to the entire ICT system environment.
Maintain industry best practices with regards to ICT Security controls such as: Anti-Virus/Anti-Malware, Patch management, Remote Access VPN, data and web content filtering, Data Loss Prevention, etc.
Maintain awareness of ICT security trends and vulnerabilities, e.g. major virus outbreaks.
Conduct proactive and effective communication (Intranet, email, posters) of risks and vulnerabilities to staff.
Implement an appropriate ICT security support to NDA staff.
Ensure that the data transmissions are encrypted and configure firewalls to conceal confidential information during transmission.
Implement and manage password authentication to keep unauthorized users from accessing sensitive data files.
Modify security files to incorporate new software, correct errors, and change user access status.
Perform risk assessments and tests on running data processing activities and security measures.
Train staff about computer security and promote security awareness and security protocols.
Participate in testing exercise of Disaster Recovery Plan as per schedule.
Implementation of ICT Security Strategic plan.
Maintain, administer and backup of ICT security servers and applications.
Develop and maintain SOP's/ guidelines regarding access control to Service Desk, Desktop and Information Security.
Management of physical access to NDA Offices.
General Technical Support
Provide desktop technical support to all NDA Users
Provide Network, Server & E-mail User Support
Log, investigate and follow-up and resolve logged calls on ICT helpdesk
KEY RELATIONSHIP INTERFACES
Internal Relationships - other than reporting lines (manager and subordinates). *
• All NDA Staff
External Relationships (With Local/Provincial structures and other key parties, specify)
Service Providers
Sector Departments
POSITION REQUIREMENTS
Minimum Qualification
National Diploma in IT
Network+, Security+ certification (COMPTIA)
Professional level Information Security Certification (CISSP / CISM / CISA)
Essential Experience
3 years relevant information security experience within a corporate ICT environment
Knowledge
Good knowledge and understanding of industry best practice with regards to IT Security controls such as: Anti-Virus/Anti-Malware, Patch management, Remote Access VPN, data and web content filtering, Data Loss Prevention
Good knowledge and understanding of company internal control procedures and risk policy
Good knowledge and understanding of NDA IT security policies and procedures or equivalent or equivalent.
Good knowledge and understanding of relevant desktop and server hardware and software
Knowledge of Security and different levels of Encryption and Authorisation Schemes
Skills & Abilities
Excellent communication skills
Problem-solving
Interpersonal skills
Decisiveness
Integrity
Resilience
Strong ICT technical ability
Good report writing skills
Risk Management skills
Main Areas of Responsibility
Information Security
Develop plans to safeguard computer files against unauthorized modification, destruction or disclosure.
Monitoring for data violations internally and externally.
Manage and monitor internal and hosting FIREWALL rules in conjunction with Networks.
Identify accurate causes of security violations.
Implementation of appropriate remedies to ensure data and systems security.
Perform periodical reporting on violations and notification to ICT Senior Manager
Proactive implementation of fixes and patches to block viruses and attacks to the entire ICT system environment.
Maintain industry best practices with regards to ICT Security controls such as: Anti-Virus/Anti-Malware, Patch management, Remote Access VPN, data and web content filtering, Data Loss Prevention, etc.
Maintain awareness of ICT security trends and vulnerabilities, e.g. major virus outbreaks.
Conduct proactive and effective communication (Intranet, email, posters) of risks and vulnerabilities to staff.
Implement an appropriate ICT security support to NDA staff.
Ensure that the data transmissions are encrypted and configure firewalls to conceal confidential information during transmission.
Implement and manage password authentication to keep unauthorized users from accessing sensitive data files.
Modify security files to incorporate new software, correct errors, and change user access status.
Perform risk assessments and tests on running data processing activities and security measures.
Train staff about computer security and promote security awareness and security protocols.
Participate in testing exercise of Disaster Recovery Plan as per schedule.
Implementation of ICT Security Strategic plan.
Maintain, administer and backup of ICT security servers and applications.
Develop and maintain SOP's/ guidelines regarding access control to Service Desk, Desktop and Information Security.
Management of physical access to NDA Offices.
General Technical Support
Provide desktop technical support to all NDA Users
Provide Network, Server & E-mail User Support
Log, investigate and follow-up and resolve logged calls on ICT helpdesk
KEY RELATIONSHIP INTERFACES
Internal Relationships - other than reporting lines (manager and subordinates). *
• All NDA Staff
External Relationships (With Local/Provincial structures and other key parties, specify)
Service Providers
Sector Departments
Application details: A detailed Curriculum Vitae (CV), with three references, and the supporting relevant qualifications must accompany the application and a fully completed application for employment form obtainable on www.nda.org.za must be emailed to careers@nda.org.za.
Correspondence will be limited to shortlisted candidates only. Preference will be given to candidates whose appointment will promote NDA Employment Equity targets.
NB: Use the job reference as a subject line (heading of the email application) e.g. Reference no: 2023ICTSS1. An email without the reference number as a subject/heading will be disqualified. Please ensure that the reference number is written the same way as in the advert.
Failure to submit a detailed CV, fully completed application form and comply with the application instructions above will result in the disqualification of your application.
For enquiries regarding this position, please contact Ms. Pateka Momoza at Tel: 011 018 5500/5632.
Should you not be contacted within two months of the closing date of this advert, please consider your application as unsuccessful. All candidates will be subjected to personnel suitability checks, qualification verification and competency assessment where required.
CLOSING DATE: 14 JULY 2023