Responsibilities

  • Develop and review company IT Security policy, standard, and process to align with international standards, best practice and regulations.
  • Protects systems by defining access privileges, control structures, and resources.
  • Recognizes problems by identifying abnormalities, reporting violations.
  • Evaluate the existing security control and identify areas of non or partial compliance and rectify any issues.
  • Ensure the True Money policy is in accordance with General Data Protection Regulation and codes of practice
  • Implements security improvements by assessing current situation; evaluating trends; anticipating requirements.
  • Determines security violations and inefficiencies by conducting periodic audits.
  • Upgrades the system by implementing and maintaining security controls.
  • Coordinate and work with business process owners and executives across different departments to ensure that information security requirements support business needs and security systems, and processes are working as intended.
  • Formulates, and evolves the information security plan and documentation for security compliance.
  • Assist in ensuring regulatory compliance and adherence to information security-related laws, rules and regulations.
  • Executes security operation tasks include, but not limited to security patch management, security vulnerability management, and security configuration management.
  • Monitors the industry and external environment for emerging threats and advises relevant stakeholders on appropriate courses of action.
  • Implementation and maintenance of an information security incident response plan to ensure that security controls and processes are embedded throughout the lifecycle of information, systems, applications, products and services
  • Review and advise security solution architect for the proposed system such as; Network Segmentation, Application protection, Defense-in-depth, Remote Access, Encryption Technologies, Backup/Replication/Multiple Sites, Cloud Technologies, and Virtual System Technologies.
  • Conduct security advisory and testing along the pipeline of the system delivery.
  • Conduct security awareness and training programs catered to different sets of stakeholders
  • Conduct security requirements checklist, security issue management, UserID revalidation, and UserID provisioning

Qualifications

  • Bachelor or Master’s degree in Computer Engineering, MIS, IT or a related field.
  • At least 3 year experiences in computer security area
  • Have a foundation in good information security practices.
  • Knowledge of International Security frameworks, Standards, and Guidelines e.g., COBIT, NIST-800, ISO 27001, PCI-DSS, OWASP, and etc.
  • Experience in system and application security management and control.
  • Experience in facilitating information security risk assessments.
  • Professional certificates related to work (e.g. CISSP, CISM, CISA, CRISC, CEH, Sec+, ISO 27001, PCI DSS or similar general security certification) is desirable
  • Talent to identify and create a broad vision for a security solution and to execute it.
  • A positive, can-do attitude, who naturally expresses a high degree of empathy to others.
  • Strong problem solving and analytical abilities Able to work under minimal supervision; Detail oriented;
  • Good English (Spoken and Written)

Interested candidates can send your CVs to jobs@ascendcorp.com or contact our recruiter via 016 777 664.