SECURITY ADMINISTRATOR

SABRIC is a Non-Profit Company based in Midrand, established to combat crime in the Banking & Cash in Transit industries. 

The company facilitates interbank collaboration and interfaces with a range of external organisations and public and private partners, most notably to progress crime risk mitigation initiatives.

The company has a challenging opportunity and is looking to appoint a Security Administrator 

Job Purpose:

Technology’s Purpose

To implement, maintain and support the systems and infrastructure that support the organisation in meeting its strategic objectives, enabling the organisation’s resources and members to collaborate and work together in a stable and secure environment to achieve the organisation’s shared strategic vision.

Infrastructure’s Purpose

To ensure the security, availability and performance of the infrastructure that hosts and processes the organisation’s information; and the databases that contain the organisation’s data are maintained to agreed service levels.To enhance the financial position of the organisation and provide information to management by researching and analysing accounting data and preparing accurate reports to enable decision making.

Key Responsibilities

Implement appropriate security controls to safeguard SABRIC’s information assets.

Respond to security incidents, including investigation and remediation.

Create and maintain accurate and complete firewall and router rules in accordance with applicable policies, process and standards, and review firewall and router rulesets bi-annually.

Create and maintain accurate and complete access control privileges in accordance with applicable policies, processes and standards and monitor users with high-level privileges.

Monitor network access to detect unusual activity that may threaten confidentiality, integrity or availability and take correct action.

Remain up to date with agreed standards, ensuring that SABRIC complies wherever possible.

Perform periodic compliance procedures and produce audit evidence, e.g., vulnerability scans, cardholder data searches, wireless walk-throughs, malware scan reviews, etc.

Troubleshoot and remediate vulnerabilities resulting from scans and annual penetration tests, subject to assessment of impact of changes with the Technology team.

Install, upgrade and maintain malware detection software, review weekly scan reports and take corrective action.

Remain abreast of emerging vulnerabilities and ensure the organisations are configured for resilience.

Research solutions to keep the organisation’s network up to date with the latest security technologies.

Document and maintain operational procedures, processes and configuration standards.

Support, administer and maintain the Banking CSIRT infrastructure.

Ensure knowledge is transferred in the Infrastructure sub-circle by documenting and reviewing configurations, workarounds and assets.

Manage availability, capacity and performance of Technology infrastructure and contribute to continuous service improvement initiatives.

Manage problems through to resolution, troubleshoot technical issues and implement workarounds and/or solutions.

Ensure Technology infrastructure, process and procedure documentation are reviewed and updated.

Ensure the continuity of Technology Services, conduct disaster recovery tests, keep the battle box up to date, and manage backups and replication according to agreed service levels.

Serve as a backup to the Network Administrator and perform their role when required.

Support the Helpdesk and Network Administration Support Technician in the performance of their role when required.

Support the Technology sub-circle providing support to other roles within the sub-circle ensuring they are able to perform their roles without impediment and providing technical assistance when required.

Cross Role Support

  1. Serve as backup to the Network Administration Role
  2. Support the Help Desk and Network Administration Support technician.

Documentation

Document all security configurations and processes.

Document security related plans and projects.

Ensure that audit evidence is filed and available for annual internal audit.

Qualifications

Tertiary qualification in Information Technology OR CISSP (Certified Information Security professional)

Exposure to ISO or PCI DSS or similar

Understands IT Service Management processes, exposure to ITIL, COBIT, etc.

Experience

Essential:

At least 5 to 7 years current experience as a Security Administrator on a medium sized network of servers and desktop systems, with the ability to support a variety of technologies.

At least Five years current technical network administration experience

Knowledge and Skills:

Knowledge of SSL, HTTP, DNS, SMTP and IPSec and encryption techniques.

Strong technical experience on firewall technologies – FortiGate advantageous.

Solid technical troubleshooting skills, i.e., both for security and network administration.

Intermediate to expert IDS/IPS technical experience.

Intermediate to expert virus protection and content filtering experience.

Understanding of information classification policies.

Investigation and remediation of security incidents, i.e., understanding of associated processes and reporting.

Demonstrated technical understanding of VPN’s and remote access.

Experience with vulnerability scanning tools, including web application vulnerability scanning tools.

Solid technical experience in IIS and Apache Tomcat.

Solid Microsoft Windows and Hyper-V technical experience.

Solid Linux and VMWare technical skills.

Solid experience in security awareness initiatives.

Solid networking experience, understanding of VLANS, routing and IP Addressing

Personality Profile

Behaviours and Competencies:

Self-driven, goal oriented with a positive attitude, and a clear focus on service delivery. Required to set goals and drive to achieve them.

Mature, credible, reliable, well presented and business like, with good communications and interpersonal skills.

Ability to communicate well, especially in English, including, oral, written, presentation and listening.

Ability to work well alone or as part of a team.

Organised, analytical and capable of identifying and solving problems.

Keen for new experience and responsibility.

Ability to work well under pressure, calm and with clarity of thought.

Proactive with integrity.

Ability to maintain confidentiality.

Personal Situation

Able to commute reliably to office.

Must have a vehicle and drivers licence.

Able to work extended hours when required.

Access to a stable internet connection, preferably fibre with a bandwidth no less than 10Mpbs 

Remuneration package will be offered to the successful candidate, in line with qualifications, experience and level of competence. Forward you’re CV to debbier@sabric.co.za on or before 7th May 2021. Should you not be contacted by 14th May 2021 please consider your application as unsuccessful

 

By applying for this position at SABRIC, the applicant understands, consents and agrees that SABRIC may solicit a credit and criminal report from a registered credit bureau and/or SAPS (in relation to positions that require trust and honesty and/or entail the handling of cash or finances) and may also verify the applicant’s educational qualifications and employment history.

SABRIC reserves the right not to appoint if a suitable candidate is not identified