Cyber Prevent Specialist

Role purpose:
Support the Technology Security in managing and maintaining asset inventory, coordinating Cyber Security Action Notices (CSANs) and Indicators of Compromise (IOCs), implementing security controls, and ensuring compliance with cybersecurity standards. This role requires a proactive individual with strong organizational skills, excellent relationship-building abilities, and a commitment to innovation.

Key accountabilities and decision ownership:

• Asset Inventory and Shadow IT Management: Maintain and update the organization's asset inventory, ensuring all assets are accurately documented and tracked including unauthorized applications and services within the organization. Conduct risk assessments to detect, assess, remediate and promote user awareness to mitigate Shadow IT risks.
• CSANs and IOCs Coordination: Identify, assess, and prioritize CSANs and IOCs in the organization's systems and networks. Coordinate remediation efforts and track progress.
• Security Controls and Projects Implementation: Develop, Lead, implement, support and monitor security controls and cybersecurity projects to protect the organization's information assets. Ensure timely and effective delivery of controls and project objectives.
• Security Compliance: Ensure compliance with relevant cybersecurity standards, regulations, and best practices. Conduct regular audits and assessments to identify and address compliance gaps.
• Collaboration and Communication: Work closely with colleagues across departments to promote a culture of security awareness and cooperation. Foster strong relationships with stakeholders to ensure alignment on security initiatives.

Core competencies, knowledge, and experience:

• Knowledge of Cybersecurity Principles: Understanding of fundamental cybersecurity concepts.
• Proficiency in Security Tools: Ability to use various cybersecurity tools for vulnerability scans, asset inventory, and security controls implementation.
• Regulatory Knowledge: Familiarity with cybersecurity regulations and standards such as GDPR, HIPAA, NIST, ISO 27001, and CIS Controls.
• Project Coordination: Ability to manage and coordinate cybersecurity projects, ensuring timely and effective delivery.
• Effective Communication: Strong verbal and written communication skills to convey complex security concepts to non-technical stakeholders.

Must have technical / professional qualifications:

• Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
• Certifications: Certified Ethical Hacker (CEH), CompTIA Security+, CompTIA Advanced Security Practitioner (CASP+) or similar certifications.
• Experience: Minimum of 3-5 years of experience in cybersecurity, with a focus on compliance and security controls implementation.

Skills:

• Strong organizational skills and attention to detail.
• Excellent relationship-building and communication skills.
• Ability to work collaboratively and cooperatively with colleagues.
• Proactive and innovative mindset, with a commitment to continuous improvement.
• Strong problem-solving and analytical skills.
• Ability to manage multiple tasks and projects simultaneously without procrastination.

Key performance indicators:

• Consistent improvement in Vodacom Compliance level and regular Reporting.
• Vodacom Security Baselines implemented at the highest standards.
• The percentage of systems and processes that comply with relevant cybersecurity standards and regulations.
• Time to respond and mitigate a CSAN/IOC.
• Shadow IT detection and Remediation rate.