Network Security Engineer
Job Purpose:
- The engineer is required to perform the role to maintain/review/enhance network security policies and governance, audit management and compliance.
Key Accountabilities:
- Accountable for network audit and compliance activities, facilitating audits and compliance reviews and overseeing all required regulatory and audit remediation activities.
- Accountable for ensuring network security governance.
- Accountable for working with LOBs and Infrastructure teams on network security requirements and compliance.
- Working with all business units to determine possible risks and risk management processes.
- Business development planning and acquiring the correct technology.
- Analyzing IT security threats in real-time and mitigating these threats.
- Ensuring that newly-acquired technology complies with the IT security regulations.
- Planning, designing, and implementing an IT and network strategy for the company.
- Managing the continuous maintenance of the IT network to ensuring optimum security levels are maintained.
- Sourcing the necessary hardware and software to implement the IT strategy, and negotiating contracts.
- Ensuring that no internal breaches or misuse of data take place.
- Determining the cause of internal and external data breaches and instituting appropriate corrective action.
- Presenting regular feedback reports on IT network security to the board of directors.
- Audit management responsibilities focus on facilitating all manner of network audits and is required to interact with various audit bodies including internal and external auditors, and industry or government regulators.
- Ensure that all network security policies (ISCD, health check, APAR), audit compliance documentation and artefacts are properly documented and readily available.
- Perform analysis, and response to network security events.
- Review and Provide risk assessment for Firewall, Proxy and NAC whitelisting requests.
- Performs independent analysis to identify, highlight and document network information security issues and risks.
- Follows-up on action items through to closure of issues and facilitates feedback (e.g. Report, plan, track, support remediation and verify discovered security issues).
Requirements:
- A minimum of five years' experience in risk management, information security, or programming.
- Highly motivated, and always positive with ability to work with minimal supervision.
- Ability to work in a fast-paced environment and keep pace with technical/operational innovation.
- Experience in liaising with Auditors as well as having risk management background in a financial organization is highly advantageous.
- Security+, CASP, CISM, CEH, GIAC, CISSP, GCIH STIG would be an advantage.
- Solid understanding of a networking technologies and concepts within a large organization is required.
- Experience with various network security tools is an advantage
- Good understanding of scripting (various OS environments) and major programming languages is advantageous.
- An exceptional understanding of scripting and source code programming languages, such as C#, C++, .NET, and Java.
- Knowledge of information security management frameworks, such as ISO/IEC 27001 and STIG.
- Outstanding negotiation skills for IT support services to be rendered.
- Excellent project management and leadership skills.
- Excellent written and verbal communication skills.
Company Reg No.: 201131609D, Licence No.: 11C4684, Reg No: R1871156