Information Security Analyst at Believe Resourcing Group

About the Role:

Seeking talented Information Security Analysts to join Information and Cyber Security team. This critical role ensures the company derives maximum value from its investment in cybersecurity. Reporting to the Senior Manager of Information and Cybersecurity Services, the successful candidate will be responsible for evaluating and strengthening the company's security posture through continuous vulnerability assessments; incident handling; and security assessments. If you have a passion for all things cyber and the skills to match, keep reading!

Key Responsibilities:

• Monitor the company’s network for cybersecurity anomalies;
• Handle the entire lifecycle of security incidents from detection to resolution and root cause analysis;
• Plan and implement cybersecurity measures to protect systems, networks, and data;
• Perform risk assessments and recommend cybersecurity controls and measures;
• Recommend enhancements to improve the company's security posture;
• Develop and implement security processes, systems, and services;
• Provide technical leadership for cybersecurity systems and service components;
• Participate in security awareness drives and campaigns;
• Engage with various teams to ensure security best practices;
• Review technology architecture for compliance with data privacy and protection standards;
• Educate and promote secure software development practices;
• Assess technology architecture for vulnerabilities and potential upgrades;
• Assist with ad hoc duties and projects as needed.

Required Experience and Qualifications:

• Relevant qualification at NQF level 6;
• 5 years of experience in enterprise ICT applications and infrastructure, with 3 years of hands-on technical experience;
• Knowledge of security concepts and technologies (IDS/IPS, SIEM, SOAR platforms, network/computer security);
• Experience managing the lifecycle of security incidents;
• Experience with enterprise antivirus solutions (server and desktop);
• System Administrator experience in Windows/Linux environments;
• Knowledge of Vulnerability and Patch Management in an Enterprise environment;
• Experience providing security architecture guidance;
• Understanding of security frameworks (e.g., ISO, NIST) and digital forensic methodologies.

Non-Technical Skills:

• Ability to interview and question users to determine root causes;
• Effective communication with response and business partners;
• Experience providing status updates to executives and stakeholders;
• Autonomous and self-managed work style.

Advantageous Skills:

• Scripting and basic programming (PowerShell, Python);
• Industry-recognised certifications (e.g., Security+, CEH, CISA, CISSP, OSCP);
• Understanding of applicable legislation (security and privacy);
• Experience in Higher Education is a plus.