Security Specialist

Security Operations
- Day-to-day operational tasks as assigned.
- Security Incident management
- Monitor, investigate and report on incidents.
- Be able to be a part of an incident response team and triage.
- Assess security incidents quickly and effectively and communicate a course of action to departmental Security SMEs.
- Compile and maintain information security incident reports. Ensure that all incidents are recorded and tracked to meet audit and legal requirements.
- Oversee and conduct root cause analysis to identify gaps and recommendations ultimately remediating risks to the organization.
- Forensics
- Maintain active understanding of industry practices for threat analytics and incident response.
- Third Party Incident management
- Investigations
- Manage patch implementation
- Documentation
- Define and maintain all the security governance documents that are required to support the strategy/solutions.
- Create and maintain confluence documentation
- Secure coding and development practices
- Assisting developers in secure coding best practices, risk mitigation techniques, and threat modelling.
- Phishing
- Identify Phishing scenarios and ensure these are blocked.
- Compliance
- Assist in reviewing policies and standards to ensure that proper controls are in place.
- Be aware and current in terms of regulations and compliances - both abroad and for company regulations.
- Training and awareness
- Provide input into security awareness campaigns to ensure they align to the technical controls and corporate governance.
- Reporting
- Provide steerco input
- Jira Dashboards to track SLA and InfoSec task completion
- Department updates
- Ops Security meeting with Business Heads
- Backup & DR
- Work with IT operations to ensure that Business Continuity plans, DR plans, and Backups plans are being performed.
- Tabletop exercises management
- SOC & Monitoring
- Develop and optimize processes to improve security threat identification and remediation.
- SIEM / Daily Monitoring
- Manage Fixes of security issues on Servers - based on results from e.g Nessus reports, SIEM, Panorays.
- Security systems Monitoring: SIEM, Microsoft risk events, Carbon Black
- Vulnerability Management
- Manage a vulnerability management system in line with current risk management system
- Management of departments to ensure Platforms/systems are meeting security requirements e.g. Nessus & Audit scripts
- Compile vulnerability and penetration testing reports according to the Security standard.
- Explain, present, demonstrate (when applicable) and document the operational impact of a particular vulnerability, threat or risk.
- Monitor and maintain approved baseline network topologies and configuration.
- Penetration Testing Management
- Maintain a yearly calendar
- Application release
- Infrastructure annual tests
- InfoSec SME
- Provide security, technical, configuration, and architecture support to security SME representatives as required.
- Run KS_Security Sessions
- Server certifications
- Managing Security Tools
- Will be responsible and be the security tool product specialist
- Roll out, config & maintenance of security systems (Cloud / Doxim hosted)
- Security systems Management: Ensure that all of Doxim's security tools sets are managed (e.g. SIEM, Keeper, JumpCloud)
- Security system usage / users - Installed and being used properly
- Provide content creation and policy tuning for multiple security detection and alerting tools.
- Manage third party interactions and manage alerts appropriately
- Keep the information security toolset plan for IT functions agile and current to constantly be able to address risk.
- Ensure all Physical locations meet security requirements
- Asset management / tracking - Maintain asset register
- Product / System Security Review:

- Code Security,
- Acunetix tests per release,
- Product DevOps reviews,
- 3rd Party components,
- Open Source components,
- Architecture consulting,
- Design consulting

**Boxes to tick**
- A minimum of two (2) years relevant work experience
- Experience using vulnerability management tools, firewalls, intrusion detection systems, and responding to network/computer intrusions and supporting inquiries.
- Knowledge of information systems security principles and methods, the requirements for certification and accreditation of systems testing and evaluation, and performance management methods.
- Knowledge of test and assessment methods to evaluate security authentication technologies.
- Knowledge of standards like PCI, ISO 27001, HiTrust, GDPR, Privacy Shield.
- Expansive general IT knowledge.
- Strong technical ability.
- Ability to conduct information security risk assessments
- Ability to create and execute security monitoring tool sets such as DLP, SIEM and Web Gateway, Cyber Protection.
- Exposure to cyber security or SOC monitoring.
- Stakeholder Management
- Ability to support an information security strategy that supports business needs
- Understanding of the NIST and I