Specialist : Cyber Security

Job title : Specialist : Cyber Security Job Location : KwaZulu-Natal, Durban Deadline : December 10, 2025 Position Purpose The primary purpose of the position is to maintain the safety of the organization's ICT systems and networks as well as providing cyber security architecture to enable the business to achieve its strategic outcomes. The position entails creating, testing, implementing and analysing the effectiveness of various security systems as well as preventing data breaches, monitoring and reacting to attacks. The incumbent will be required to evaluate the security posture of the organisations internal and external networks, applications, sensitive internal systems, mobile device application and data coding standards. The incumbent will also emulate threat actors attempting to penetrate the organisations network and complete defined objectives, such as obtaining domain admin privileges, gaining access to sensitive information, or simulating a ransomware attack which will be used to strengthen the organisations security posture. The incumbent will also provide cyber security architecture services to enable the business to achieve its strategic outcomes. Position Outputs Information and Cyber Security Strategy Contribute to the definition, development, and oversight of the organisation's security management strategy and framework. Define / develop / implement / manage standards, policies, procedures, and solutions that mitigate risk and maximize security, availability of service, efficiency, and effectiveness. Define, present, and promote an information security policy for approval by the senior management of the organisation. Apply relevant standards, best practices, and legal requirements for information security. Information Security Ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology / security threats against the organisation Research and advocate new technologies, architectures, and security products that will support security requirements for the organisation. Systematically scan the environment to identify and define vulnerabilities and threats. Record and escalates noncompliance. Investigate security breaches in accordance with established procedures. Assist users in defining their access rights and privileges. Perform non-standard security administration tasks and resolves security administration issues. Receive and responds to routine requests for security support. Assist in the investigation and resolution of issues relating to access controls and security systems. Review new and updated systems / applications to ensure that security is configured properly. Work with the IT teams to ensure adequate security solutions are in place throughout all IT systems and platforms to mitigate identified risks sufficiently, and to meet business objectives and regulatory requirements. SIEM (Security Information & Event Management) Periodically monitor the SIEM solution to eliminate any false Record and escalates high priority incidents. Assist in the investigation and resolution of security incidents. Threat Protection (incl. Penetration) and Response Management Maintain current knowledge of malware attacks, and other cyber security threats. Monitor emerging technologies, industry developments, directions, and best practices in the security field. Research emerging threats, vulnerabilities disclosures and incident response reports. Create test cases using in-depth technical analysis of risks and typical vulnerabilities. Produces test scripts, materials, and test packs to test new and existing software or services. Specify requirements for environment, data, resources, and tools. Interpret, execute, and document complex test scripts using agreed methods and standards. Ensure that offensive security tools and techniques are within regulation and policy. Record and analyses actions and results. Review test results and modify tests if necessary. Provide reports on progress, anomalies, risks, and issues associated with the overall project. Report on system quality and collect metrics on test cases. Provide specialist advice to support others. Data / Information Security and Loss Prevention Management (incl. Encryption) Explain the purpose of and provide advice and guidance on the application and operation of physical, procedural, and technical security controls. Act as a cyber security lead in technology controls / information security for project teams, and the organisation. Provide technical expertise, training and advisory services in vulnerability management and information systems security. Provide cyber security architecture reviews, recommendations, and consulting services to the teams. Lead the conduct of red team exercises, penetration tests, web application and network vulnerability assessments for IT and OT systems. Perform security risk, vulnerability assessments, and business impact analysis for medium and complex information systems. Design, plan and execute threat actor simulation scenarios using complex adversarial Tactics, Techniques and Procedures (TTP). Investigate suspected attacks and manage security incidents. Use forensics where appropriate. Communicate information security risks and issues to business managers and others. Prepare formal assessment reports of Information Security assessments with conclusions, recommendations for improvement, and planned management actions. Network security Investigate security breaches in accordance with established procedures. Monitor network and application performance to identify and irregular activity. Assist users in defining their access rights and privileges. Perform non-standard security administration tasks and resolves security administration issues. Receive and responds to routine requests for security support. Maintain records and advises relevant persons of actions taken. Assist in the investigation and resolution of issues relating to access controls and security systems. Perform security administration tasks. Maintains relevant records and documentation. Data Centre, Server and Storage Security Perform regular high-performance, scalable backups and restores on a schedule and tracks offsite storage. Carry out documented configuration for allocation of storage, installation, and maintenance of secure storage systems as per the agreed operational procedure. Identify operational problems and contributes to their resolution. Use standard management and reporting tools to collect and report on storage utilisation, performance, and backup statistics. End User Device Security Resolve incidents relating to end user device security Develop and produce reporting dashboards used to report non-compliance to end user security configuration standards Follow up and resolves instances of non-compliance to the end user device security standards Ensure operating system updates and security patches for end-user computing devices are kept up to date. Ensure that end-user computing devices are disposed of in accordance with the applicable Disposal Policy once they reach end of life. Qualifications and Experience Qualifications, Experience & Inherent Job Requirements Degree in Information Technology. At least 5 years’ IT experience in the following areas : o Cyber security and architecture Experience in information / cyber security at a senior / expert / specialist level Further certifications preferred : Certified Information System Security Professional (CISSP) Offensive Security Certified Professional (OSCP) certification Certified Cloud Security Professional (CCSP) Advantageous : Honours Degree. SAP Security Certification advantageous Microsoft Certified : Azure Security Standard Job Requirements Driver’s license code 08 Travel as required and approved #J-18808-Ljbffr