Information Security Analyst

Job Role Summary

This position reports to the Information Security and Compliance Manager, and the individual is responsible for ensuring that the technical security measures for the Adumo's infrastructure meet the company approved security standards. The Security Analyst shall actively work with outside vendors, as well as other departments to provide the IT Security support to the organization.

This role is key in delivering threat analysis and incident response program and is responsible for analyzing and reporting on threat and incident response metrics. The Security Analyst is responsible for the delivery of quality Level 1 & 2 technical security support to the Adumo group as part of the Cyber Security Service Operation Center.

The team is responsible to identify and report on vulnerabilities on an ongoing basis as well as any potential security risks identified.

**Responsibilities**:
1. Management of information security aspects such as operating system hardening, patch management, vulnerability management, anti-virus solution management.

2. Responsible for managing security event monitoring, file integrity and response.

3. Identify and mitigate security risks related to regulatory standards that are in scope for compliance-PCI DSS and POPI.

4. Manage, support, and monitor all internal security related products.

5. Provide afterhours security support to the company on a case-by-case basis.

6. Participate in Cyber Security Incident Response Team (CSIRT) in the preparation, detection, containment, eradication, and recovery on security incidents.

7. Perform real-time incident handling, independently following and creating procedures to analyze and contain malicious activity. Collect evidence to perform analysis associated with cyber incidents.

8. Ensuring compliance to policy, process, and procedure adherence and process improvisation to achieve operational objectives.

9. Attend to support tickets logged to the information security department and performing initial validation and triage to determine severity of the incidents.

10. Collaborate with other departments in remediating vulnerabilities identified from vulnerability scans and penetration tests conducted by our third-party vendor.

11. Maintain detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the identification and resolution of vulnerabilities and threat vectors.

12. Participate in the deployment, integration, and initial configuration of all new security solutions as well as enhancements to existing security solutions in accordance with standards and best practices.

13. Schedule and manage internal Security Awareness training.

15. Collaborate with the SOC team to review logs and reports of all devices, whether they are under direct control (i.e., security tools) or indirect control (i.e., workstations, servers, network devices, etc.). Interpret the implications of that activity and devise plans for appropriate resolution.

16. Keep abreast of the latest security threats, intelligence, and hacker methodologies to anticipate and mitigate the risk.

17. Participate in internal and external security audits.

18. Perform daily operational checks related to information security.

19. Perform end-user threat assessments against end-user devices.

Experience and Qualifications

1. Minimum 3 years of experience, with at least 1 year in IT Security.

2. Cisco CCNA / CompTIA N+

3. Cisco CCNA Security / CompTIA S+

4. Systems Security Certified Practitioner (SSCP) will be advantageous.

5. Certified Ethical Hacker (CEH)

6. ITIL Foundation

7. COBIT 5

8. Matric

9. Basic/Intermediate knowledge of Bash/Python scripting

10. AWS/GCP/Azure foundation certificates

11. Basic understanding of PCI DSS standard and POPI act.

Technical Knowledge

1. Knowledge of different cybersecurity frameworks such as PCI DSS, CIS benchmarks, CSA (Cloud Security Alliance) and/or ISO 27001.

3. Knowledge of next-gen Firewalls, IDS, IPS, VLANS, SSL VPN, LDAP, network routers, and switches.

4. Experience in IP networking and network security including cryptography.

5. Knowledge of SIEM & SOAR technologies.

6. Reporting skills, being able to articulate technical reports into business language to provide situational awareness and specialist advisory.

7. A good understanding of Software development best practices.

8. A good understanding of virtualization (Hypervisor), Infrastructure storage, Windows, and Linux operating systems.

Behavioral Attributes

1. Strong time management skills and ability to multi-task - setting goals and priorities.

2. Communication skills and Team player.

3. Collaboration - willingness and ability to collaborate with other Team Leaders / Supervisors

4. Assertive, confident, analytical and problem solving.

5. Attention to detail with a passion for accuracy and quality technical analysis.