Situation Vacant : Information Security Officer (ISO14/1) We are seeking a career-minded individual for the position of Information Security Officer reporting to the Information Security Manager. The chosen candidate will be responsible for implementing and managing the company information security policies designed to protect information across all facets of RS2. This position calls for a dynamic, fact and analysis driven, trustworthy individual with great oral and written communication skills, time management and an eye for detail. The selected candidate will be responsible for: - Performing penetration testing (ethical hacking) and vulnerability scanning activities - Monitoring and analyzing security alerts and information, and contributing to their resolution - Reviewing logging and housekeeping functions in the information security team - Developing and maintaining security documentation - Engaging with security assessors regarding issues that were identified as part of the penetration test or during security audits - Participation in the design and documentation of new policies, processes or practices - Assisting in the information security awareness, training, and educational activities for all personnel - Assisting with the development and ongoing maintenance of PCI certifications and other compliance requirements - Perform other duties assigned Requirements: - Minimum of 2 years’ experience in IT Security operations, design and management - Broad IT security knowledge with experience of network and application security - Experience in security testing - Experience of liaising with auditors, PA-DSS and PCI Payment Scheme audits is preferable - Ability to engage with staff in order to offer guidance and enforce compliance to security policies - Ability to work off own initiative with minimal supervision - Must be meticulous, methodical and accurate in the completion of tasks - Must perform under pressure and meet deadlines Other Requirements: - Networks and firewall configuration knowledge - Experience in using network and exploit tools to identify vulnerabilities and recommend countermeasures - Unix security knowledge - Programming or scripting background is a plus Qualifications: - First degree in ICT and/or a specialized security certification (CISSP, SSCP or OCSP) - Preferably candidate will hold penetration testing/ethical hacking certifications Interested candidates are to submit their CV quoting the reference number, via email to recruitment@rs2
Posted on: Mon, 10 Nov 2014 15:10:07 +0000