Purpose of Work
To specify, analyze, engineer, design, support and implement information Security elements related to Technology, People and Process which protect the confidentiality, integrity, and availability of SAMREF’s Information Technology and Process System Control (PSC) infrastructure, components and information assets.
This includes: implementing policies, standards and procedures relating to data security, compliance management, incident management, risk management, operations and maintenance
Educational Requirements or Equivalent:
Bachelor Degree in Computer Science, Computer Engineering, Network or IT Security-related fields.
Security Operation, Monitoring and analyzing technical skills in SOC at least (L1/L2) experience, SIEM administration, NIST CSF and COBIT5 skills including creating and implementing standards/controls/procedures for information security, Security incident handling and vulnerability management and remediation, GRC implementation and execution and experience in using GRC automation processes and solutions.
Certifications: Experience knowledge of security standards (NIST CSF, COBiT5). Five or more of the following certifications are preferable: Implementing the NIST standard using COBIT 5, Security+; Security Essentials; Certified Ethical Hacker (CEH); Certified in Risk and Information Systems Control (CRISC); Certified Information Systems Security Professional (CISSP); ISO 27001 Lead Implementer; Certified Information Security Auditor (CISA) ; Continuous Monitoring and Security Operations ; Computer Forensic Investigations - Windows In-Depth; Hacker Techniques, Exploits & Incident Handling ; Windows Forensic Analysis