Develop a complete understanding of a company’s technology and information systems
Design, build, implement and support enterprise-class security systems
Align organizational security strategy and infrastructure with overall business and technology strategy
Identify and communicate current and emerging security threats
Design security architecture elements to mitigate threats as they emerge
Plan, research and design robust security architectures for any IT project
Perform or supervise vulnerability testing, risk analyses and security assessments
Create solutions that balance business requirements with information and cybersecurity requirements
Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
Review and approve installation of firewall, VPN, routers, IDS scanning technologies and servers
Test security systems to ensure they behave as expected
Use current programming language and technologies to writes code, complete programming and performs testing and debugging of applications
Provide supervision and guidance to a security team
Define, implement and maintain corporate security policies and procedures
Train users in implementation or conversion of systems
Respond immediately to security-related incidents and provide thorough remedial solutions and analysis
Regularly communicate vital information, security needs and priorities to upper management
Work as part of a team of software and security engineers, with a high degree of freedom to design and build best-in-class offerings
Point of contact for product teams as it relates to automation, CI/CD, and DevOps and/or DevSecOps
Build tools and automation scripts that enable developers to easily consume security services delivered by the AppSec team
Design and test solutions to unique and interesting challenges
Investigate security breaches and other cyber security incidents.
Document security breaches and assess the damage they cause.
Recommend remediation for security breaches.
To identify and eliminate manual processes using automation for areas involving information security.
Seeking to build in security during the development stages of software systems, networks and data centres.
Looking for vulnerabilities and risks in hardware and software.
Finding the best way to secure the IT Infrastructure of an organization.
Building firewalls into network infrastructures.
Constantly monitoring for attacks and intrusions.
When the cybersecurity specialist finds a potential threat or attempted breach, closing off the security vulnerability.
Identifying the perpetrator and liasing with the police if necessary
Experience with infrastructure vulnerability and penetration testing and techniques.
Understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts.
Ability to identify and mitigate network vulnerabilities and explain how to avoid them.
Understanding of patch management for servers and end units with knowledge of how patches are deployed and understanding the business impact
Risk assessment procedures, policy formation, role-based authorization methodologies, authentication technologies and security attack pathologies
Security Configuration of Windows, Linux, DBMS (MS SQL/MySQL).
Good technical understanding of enterprise IT; web applications, databases, operating systems, server/desktop hardware, mobile devices and networking technologies.
Good knowledge of information security controls, guidelines and standards, ISO, NIST, OWASP
Familiar with regulatory guidelines such as SBV’s Circular 09, Circular 20.