About the job Information Security Analyst L2 Purpose: Conduct all activities related to technology risks and remediations to protect the company ecosystem from potential threats including partnering with the company Employees and vendors to drive a Cyber security-conscious organisation. Duties and responsibilities: Support with developing and maintaining Cyber Security Road Map and interventions Support with developing company-wide best practices for Technology security Support improving the maturity, or efficiency, of the Cyber Security team, by identifying innovative, problem solving solutions. Creates and maintain appropriate standard operating procedures for the Cyber Security and information protection. Identify, respond, predict and analyse security breaches and threats to determine their root cause and report findings to relevant stakeholders on cyber-security threats, attacks, incidents, and other factors that indicate security risks as per SLA. Researching, investigating and developing proficiency in current and emerging threats, vulnerabilities, and security technology developments. Play an active role in Technology Security Planning sessions, driving agenda and deliverables with all participants. Support managing Vendor Strategy and roadmap for Information Security Establish plans and protocols to protect digital files and information systems against unauthorized access, modification and/or destruction within mandate Assessment of the organisation's technology risk exposure and measurement of the various parameters that make up technology risks. Work closely with other stakeholders to design, architect, consult and implement security solutions to ensure readiness for security technologies In support of program design, gather client requirements and draft documentation in order to compile a draft project plan, only more complex programs need to be reviewed by the Information Security Officer Identify the desired outcomes and success criteria which is to be the baseline for post project review and benefit realisation validation, as well as measuring positive effects. Contribute to project risk management consulting and technical reviews, drafting mitigation plans and delivering on any actionable items allocated Drafts procedures and or policies with regards to cyber security submitting them to the Information Security Officer for review and authorization. Qualifications and experience: Bachelors degree in Information Security or similar. Industry certifications such as CISSP, SANS/GIAC: GSEC, GCIH, GFCA, GCFE, GCIA; EC-Council: CEH, ECIH, CHFI, ECSA; Security+; Tenable: TCNU, TCNA, TCSE, ISO27001 (Candidates with certifications will be given preferential reviews) 5 Years experience within either an Information Security position or Cybersecurity, which include protection against social engineering, or security vulnerability remediation, of which: 2 Years Ethical Hacking experience In-depth knowledge of Cloud security platform (MS Intune / O365 Security, etc.) In-depth knowledge of Firewalls and Malicious Code Defense including APT Knowledge of Cybersecurity technical assessments, standards, tools, and processes Knowledge of common attack vectors Knowledge of Vulnerability assessment tools (Nessus, Nmap) Endpoint and network security tools/techniques #J-18808-Ljbffr