HR-EX Consulting provides affordable HR services and advisory to micro, small and medium enterprises. In short, we provide HR services to small businesses at a fraction of the cost of hiring a full-time staff. Perhaps you are a small business owner in a fast-growing business with a need to free up time to focus on growing your business? Understanding that small businesses are the growth engine of any economy, we at HR-EX really, really care about small businesses and are passionate about seeing them grow.
Summary of Functions
- Drive the Automation of the Security Baseline configuration using Enterprise tools Puppet, Ansible.
- Manage the Database security program including onboarding, discovery, use cases, upgrades & regular assessments. Tool is Imperva.
- Based on the nature of security threats perceived, assesses and establishes mitigating steps to ensure appropriate treatment and escalate as appropriate.
- Co-ordination of security systems disciplines in the face of active threats.
- Provides expert technical insight and industry perspective in the creation, delivery, and integration of complex and comprehensive security solutions and architecture.
- Collaborates and acts as a security architecture liaison with other IT areas and to design and/or recommend new security solutions as needs arise.
- Liaise with other relevant functions to facilitate the timeous closure of incidents and vulnerabilities.
- Ensure Security controls are regularly evaluated as part of the Security Assessment program with proposed remedial actions to address noted baseline variances.
- Support the implementation of risk assessments exercises across the Information Technology function in order to trap and highlight information security weaknesses and advice on controls to mitigate those risks.
- Implement standards for testing methodologies, techniques and procedures and conduct robust quality standard programme.
- Lead IT Controls Assessments and compliance exercises.
- Support controls design for Operating systems, Applications & Database Security, implementation, assessments & reporting.
- Monitor compliance to Information security policies, procedures and standards via a robust information security program/plan depicting continuous planned and ad-hoc audit and review exercises.
- Liaise with other relevant functions/stakeholder to implement information security.
Education, Experience & Skills Required
- Minimum of First Degree in Computer Science, Engineering, Information Technology/Systems or any related discipline preferred.
- Minimum of 5 years of experience in Cyber security or roles with a focus on Application, Operating systems & Database security.
- Experience with Windows/Unix/Linux Operating systems with a focus on cybersecurity Relevant industry certifications (i.e. CISSP, CISA, CRISC, CISM, COMPTIA+, Imperva Database administrator, Puppet practitioner, CASP+ CEH, GCIH, GCIA, OSCP)
- Experience with SIEM (Arcsight), EDR (Falcon Crowdstrike, Packet Analysis, HIPS/NIPS, Network Monitoring tools, Service Now Ticketing, Database Security.
- Technical experience around Identity Access Management, Controls configuration management & automation using Puppet/Ansible/Chef, Vulnerability assessments and treatment, Technical systems baseline governance & Implementation.
- Proven experience with best practices, frameworks & standards implementation across technology stacks, Auditing across varying technology, integrating log sources to a SIEM and offense/alerts tuning.
- Proven experience in penetration testing & Use of offensive Security Red team tools.
- Proven experience in business continuity & use of defensive Blue team tools.
- Proven experience in identifying, developing, implementing and evaluating risk response options & providing management with information to enable risk response decisions.
- Experience in identifying requirements, developing architectures, and deploying enterprise Security architecture, ensuring that the implementation adheres to standards and best-practices. • Mastered the principles of how business strategy drives Security.
- Excellent negotiation and facilitation skills is critical to this role: (Able to convey and sell ideas and strategies to stake holders).
- Knowledge of SQL is desirable – minimum Intermediate.
Method of Application
Signup to view application details.
Signup Now