Cybersecurity Analyst

KEY RESPONSIBILITIES: MUST NOT BE MORE THAN 10

• Identify gaps in security controls and recommend improvements to mitigate risks.
• Evaluate the effectiveness of cybersecurity controls, including vulnerability management and access management.
• Provide technical Cybersecurity Assurance related support to ICT projects as needed.
• Contribute to the development and improvement of Security Policies and Minimum-Security Configuration Baseline Standards in line with industry best practices and technologies.
• Define, create, and deliver compliance reports and relevant metrics in Cybersecurity Assurance to senior management and relevant stakeholders.
• Provide tactical security expertise across various security domains as assigned from time to time.
• Provide input into Cybersecurity risk and control self-assessments by leveraging specialized knowledge in the Cybersecurity Assurance Space.
• Research on and provide technical expertise on improvements for assurance within the Group Cyber Security department.
• Participate in activities aimed at mitigating information and cyber risks identified by various assurance teams such as Information Risk and Audit

 

DAILY RESPONSIBILITIES: NOT MORE THAN 5 OF THE MOST TYPICAL

• End-to-end security management, optimization, and monitoring of Cybersecurity Assurance security solutions.
• Preparing technical and compliance reports.
• Identify gaps in security controls and recommend improvements to mitigate risks.
• Carry out continuous security reviews against minimum security baselines and implement or ensure remediation actions are completed.
• Drive implementation and maintenance of Cybersecurity Assurance standards.

 

CHALLENGES: GIVE ONE EXAMPLE OF THE CHALLENGES ENCOUNTERED IN THIS JOB

There is greater demand by the business to provide access to business-critical applications, and collaborative tools within and beyond the traditional network perimeter. The greater challenge is in providing this access while at the same time mitigating the risks to authentication of users and security and protection of the organisation’s information assets. When there is inability or mishap in the authentication of users and protection of these assets, the organization may lose data or competitive edge or even suffer financial losses and the associated reputational and regulatory risks.

 

MINIMUM POSITION QUALIFICATION REQUIREMENTS

Academic & Professional

Particulars Detail Specific Field or Qualification Need Type Education  Bachelor’s Degree BSc. Information Technology / Computer Science / Telecommunications / Engineering (Electrical, Electronic) or related field RQ Professional Qualifications

Security certification such as CISA, CCSP, CISSP, CEH, SSCP, CompTIA Security+, CRISC, Microsoft Azure Security Engineer Associate, OSCP, AWS certified Security, GSE, CCFP, CSX-F, ECSA, CCNA-Cyberops.

 

 

At least one RQ

 

 

  Master’s Degree MBA/MSc AA  

 

 

 

 

 

 

 

 

 

 

 

 

 

Experience

 

 

Total Minimum No of Years’ Experience Required

 

 

3

 

 

 

 

 

 

Detail Minimum No of Years Need Type Experience in Cyber Security 2 ES Experience in Project Implementation and user training 1 DE Experience in large busy technology environment  3 ES Experience in System, Network, or Database Administration 1 ES