Information Security Analyst Ii

**Job ID**
- 131332 (Cryptography Specialisation)**Job Family**
- Information Technology

**Career Stream**
- IT Risk**Leadership Pipeline**
- Manage Self: Technical

**Job Purpose**
- To analyse information security related tasks within the ambit of existing information security policies, standards and processes, procedures and practices as well as business rules. Working independently to deliver on work tasks. Mentor Administrators and Analyst I. Collaborate with other specialists to execute analysis work tasks, perform operational tasks, question, recommend and update improvements to the existing policies, process and procedures. To ensure stability and up-time for areas the incumbent takes responsibility for, which could require availability on demand to perform job related duties outside of normal working hours.**Core Job Responsibilities**
- Perform Key Management lifecycle activities in line with industry standards and requirements.
- Issue SSL certificates in line with information security standards.
- Have oversight over expiring certificates not actioned to prevent security, operational and reputational impact to the organisation.
- Formulate cryptography-related information security standards and review standards on an annual basis, align with and communicate standards to stakeholders, and
- ensure awareness is created.- Periodically monitor conformance to standards and inform stakeholders accordingly.
- Deploy and maintain cryptography systems in line with the mandated information security standards.
- Monitor cryptography systems for availability.
- Consult to projects on cryptography best practices in the Wintel and IBM Zos environments.
- Establishes good customer relationships and adheres to service standards to ensure a satisfactory customer experience. Takes responsibility for personal development
- and embraces teamwork. Demonstrates and practices cost-consciousness**Responsibilities**:

- Capture timesheets timeously and accurately
- Capture claims timeously and accurately
- Propose solutions that must be cost effective whilst meeting information security requirements within budget.
- Participate in negotiations on fair pricing from vendors for new technologies procured.
- Manage and or resolve low, medium and high incidents and engage with Specialists to resolve the high complexity incidents.
- Build relationships with stakeholders to facilitate the flow of knowledge, input and discussion on new products and solutions as required by stakeholders.
- Facilitate and manage the incident and problem management process when stakeholder environments are affected.
- Oversee the implementation of the information security changes and check for the short comings and risks.
- Interpret MIS and system logs/ reports with the view to analyse and correct any deviations against standards and best practices.
- Participate in the implementation of new products as provided in the selection criteria.
- Act as the 1st point of problem resolution for non routine incidents and 1st line support for problems.
- Ensure compliance to standards and practises by familiarizing and keeping abreast of information security policies, rules, standards and processes, procedures and practices as well as business rules.
- Document and maintain all relevant processes and procedures mindful of current policies and standards.
- Create and maintain information security standards.
- Oversee and monitor the information security environment according to set standards.
- Review and contribute to project documentation including business requirements, designs and implementation.
- Create design documentation according to relevant standards and practices
- Implement specific Information security technologies.
- Gain further exposure and experience on multiple technologies by job shadowing Information Security analysts III and Technical Specialist.
- Log submit and implement low, medium and high risk changes independently.
- Provide guidance and supervision to Administrators and Analyst I on implementation and changes.
- Oversee and ensure change was successful in certain cases and when required perform unit testing.
- Oversee and ensure back-ups are done, documents are stored and statuses updated.
- Analyse logs and reports independently and provide supervision to Administrators and Analyst I.
- Ensure job related tasks and processes are in place.
- Ensure that the logging and submitting of all relevant incidents have taken place and resolve low, medium and high incidents.
- Conduct risk and root cause analyses around exceptions, queries, incidents as per operational procedures with the relevant internal and external stakeholders and provide feedback, confirm stakeholder satisfaction.
- Keep abreast of legislation and other industry changes that impacts on role by reading the relevant newsletters, websites and attending sessions.
- Improve personal capability and to stay abreast of developments in field of expertise by identify trainin