Security Specialist - Sandton at Discovery Limited

Job Purpose

• The purpose of the IT Security Specialist role is to monitor the threat landscape and to select/implement security countermeasures to secure information assets within the Banking environment. The key responsibilities include management of Privilege Access Management System, Public Key Infrastructure, and certificate lifecycle management. The IT Security Specialist will install, configure, and manage IT security technologies and processes to provide preventive, detective, and response capabilities to the organisation. The role requires a flexible specialist who can support other security domains in addition to the key areas. The role is looking for an experienced PAM specialist with knowledge of PKI and certificate management.

 Areas of responsibility include but are not limited to :

Operational Support

• Monitor reputable information sources (e.g. threat reports, security blogs) to keep abreast of the threat landscape and risks relevant to the bank.
• Monitor security technology roadmaps and recommend feature enhancements or new solutions to address business risks/requirements.
• Analyse and design appropriate security solutions to enable business requirements.
• Troubleshoot security technology failures/problems as required.
• Provide technical expertise and oversight of security technology design, configuration, deployment, and documentation, such as PAM, HSM, PKI, Certificate Management, and secure file exchange technologies. 
• Perform monitoring and analysis of network activity to identify suspicious or undesirable behaviour, by defining and implementing monitoring rules around critical security controls.
• Daily provisioning of Privileged access and troubleshooting of access related issues.
• Periodic reviews of Access privileges to critical systems.
• Daily support of access and privilege security systems
• Daily review and investigations of Privilege related alerts/ incidents.
• Daily monitoring and management of internal and external certificates.
• Management of other Access Management systems such as Active Directory, Azure AD etc
• Undertake incident analysis, tracking, recording, and response, and provision of evidence data during security incidents.
• Interface with IT stakeholders and ensure that the hosting environment meets security and service requirements.
• Participate in major technology infrastructure initiatives.
• Develop Standard Operating Procedures for the security environment.
• Be available during standby and scheduled changes after hours support.
• Adhere to Discovery Bank policies to ensure a secure operating environment.
• Performs root cause analysis, performance tuning, optimisation and other service improvement activities ensuring optimal security environment performance. Continuously identifies areas for improvement for efficiency.
• Log and act on all security incidents according to business expectations and escalate all critical statuses and issues as well as provides recommendations.                               
• Proactively identifies interconnected problems and develops and models alternative solutions and suggests contingency plans to resolve value chain conflicts.

Programme and Project Support.

• Provides support to the Programme Office in the build and implementation lifecycle of new services and changes to related services including support for non-production environments.
• Ensure that appropriate security countermeasures are implemented as recommended to ensure projects are delivered as per schedule.
• Ability to lead and drive security projects to full delivery and operationalisation.

Compliance, Governance, Risk and Control Processes

• Liaise with Change and Release Management in the planning of changes and releases of services in scope.
• Participate in Business Continuity plans for services in scope.
• Participate in Disaster Recovery design and planning activities to ensure access to Business services in the event of a major outage and partake in regular DR tests.

Other

• Provides input to periodic operational meetings and reports according to agreed intervals (e.g. daily, weekly, and monthly reports).
• Identifies, documents, and publishes knowledge for sharing with internal staff. Participate in the technical knowledge review processes and in ensuring the quality of published content.
• Works with internal colleagues to ensure they have the appropriate information and knowledge at hand to be successful in what they do.
• Ensures that tickets in the ITSM tool are attended to all times and reflect the correct status.
• Define and influence relationships and service level agreements made with internal and external stakeholders.

Education and Experience

• Relevant tertiary qualification.
• At least 5 years’ working experience in Identity and Access Management or Privilege Management Systems.
• At least 2 years working experience managing PKI/HSMs
• Knowledge of Certificate Management an added advantage.
• Relevant Information Security certification (e.g. CISA, CISM, CISSP) an advantage.
• Previous experience in the banking or financial services industry will be advantageous.

Technical Skills or Knowledge

• PAM
• PKI
• HSMs
• Certificate Management
• IAM
• AD/Azure AD
• Secure File Gateways
• Windows and Linux OS
• Technical support strategies and approaches.
• Technical documentation creation and maintenance.
• Incident Management and Problem Management procedures