
Specialist: Cyber Security at Transnet SOC Limited

Transnet SOC Limited · Durban, South Africa · Onsite

Specialist: Cyber Security
Operating Division: Transnet Pipelines
Employee Group: Permanent
Department: ICT, ISGRC, DNR
Location: Durban Central
Reporting To: Manager: ISGRC
Grade: F
Reference: req3702

The closing date is on 17/11/2025. It is the responsibility of the applicant to ensure that HR has received the application before the closing date of the advertisement.

Position Purpose
The primary purpose of the position is to maintain the safety of the organization's ICT systems and networks as well as providing cyber security architecture to enable the business to achieve its strategic outcomes. The position entails creating, testing, implementing and analysing the effectiveness of various security systems as well as preventing data breaches, monitoring and reacting to attacks.
The incumbent will be required to evaluate the security posture of the organisation's internal and external networks, applications, sensitive internal systems, mobile device applications and data coding standards. The incumbent will also emulate threat actors attempting to penetrate the organisation's network and complete defined objectives, such as obtaining domain admin privileges, gaining access to sensitive information, or simulating a ransomware attack, the results of which will be used to strengthen the organisation's security posture.
The incumbent will also provide cyber security architecture services to enable the business to achieve its strategic outcomes.
Position Outputs
1. Information and Cyber Security Strategy
Contribute to the definition, development, and oversight of the organisation's security management strategy and framework.
Define / develop / implement / manage standards, policies, procedures, and solutions that mitigate risk and maximize security, availability of service, efficiency, and effectiveness.
Define, present, and promote an information security policy for approval by the senior management of the organisation.
Apply relevant standards, best practices, and legal requirements for information security.
2. Information Security
Ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology / security threats against the organisation.
Research and advocate new technologies, architectures, and security products that will support security requirements for the organisation.
Systematically scan the environment to identify and define vulnerabilities and threats.
Record and escalate non-compliance.
Investigate security breaches in accordance with established procedures.
Assist users in defining their access rights and privileges.
Perform non-standard security administration tasks and resolve security administration issues.
Receive and respond to routine requests for security support.
Assist in the investigation and resolution of issues relating to access controls and security systems.
Review new and updated systems/applications to ensure that security is configured properly.
Work with the IT teams to ensure adequate security solutions are in place throughout all IT systems and platforms to mitigate identified risks sufficiently, and to meet business objectives and regulatory requirements.
3. SIEM (Security Information & Event Management)
Periodically monitor the SIEM solution to eliminate any false
Record and escalate high priority incidents.
Assist in the investigation and resolution of security incidents.
4. Threat Protection (incl. Penetration) and Response Management
Maintain current knowledge of malware attacks, and other cyber security threats.
Monitor emerging technologies, industry developments, directions, and best practices in the security field.
Research emerging threats, vulnerabilities disclosures and incident response reports.
Create test cases using in-depth technical analysis of risks and typical vulnerabilities. Produce test scripts, materials, and test packs to test new and existing software or services.
Specify requirements for environment, data, resources, and tools. Interpret, execute, and document complex test scripts using agreed methods and standards.
Ensure that offensive security tools and techniques are within regulation and policy.
Record and analyse actions and results.
Review test results and modify tests if necessary.
Provide reports on progress, anomalies, risks, and issues associated with the overall project.
Report on system quality and collect metrics on test cases.
Provide specialist advice to support others.
5. Data/Information Security and Loss Prevention Management (incl. Encryption)
Explain the purpose of and provide advice and guidance on the application and operation of physical, procedural, and technical security controls.
Act as a cyber security lead in technology controls / information security for project teams, and the organisation. Provide technical expertise, training and advisory services in vulnerability management and information systems security. Provide cyber security architecture reviews, recommendations, and consulting services to the teams.
Lead the conduct of red team exercises, penetration tests, web application and network vulnerability assessments for IT and OT systems.
Perform security risk, vulnerability assessments, and business impact analysis for medium and complex information systems.
Design, plan and execute threat actor simulation scenarios using complex adversarial Tactics, Techniques and Procedures (TTP).
Investigate suspected attacks and manage security incidents.
Use forensics where appropriate.
Communicate information security risks and issues to business managers and others.
Prepare formal assessment reports of Information Security assessments with conclusions, recommendations for improvement, and planned management actions.
6. Network security
Investigate security breaches in accordance with established procedures.
Monitor network and application performance to identify any irregular activity.
Assist users in defining their access rights and privileges.
Perform non-standard security administration tasks and resolve security administration issues.
Receive and respond to routine requests for security support.
Maintain records and advise relevant persons of actions taken.
Assist in the investigation and resolution of issues relating to access controls and security systems.
Perform security administration tasks. Maintain relevant records and documentation.
7. Data Centre, Server and Storage Security
Perform regular high-performance, scalable backups and restores on a schedule and track offsite storage.
Carry out documented configuration for allocation of storage, installation, and maintenance of secure storage systems as per the agreed operational procedure.
Identify operational problems and contribute to their resolution.
Use standard management and reporting tools to collect and report on storage utilisation, performance, and backup statistics.
8. End User Device Security
Resolve incidents relating to end user device security.
Develop and produce reporting dashboards used to report non-compliance with end user security configuration standards.
Follow up and resolve instances of non-compliance with the end user device security standards.
Ensure operating system updates and security patches for end-user computing devices are kept up to date.
Ensure that end-user computing devices are disposed of in accordance with the applicable Disposal Policy once they reach end of life.
Qualifications and Experience
Qualifications, Experience & Inherent Job Requirements
Degree in Information Technology.
At least 5 years' IT experience in the following areas:
Cyber security and architecture
Experience in information/cyber security at a senior/expert/specialist level.
Further certifications preferred:
Certified Information System Security Professional (CISSP)
Offensive Security Certified Professional (OSCP) certification
Certified Cloud Security Professional (CCSP)
Advantageous:
Honours Degree
SAP Security Certification
Microsoft Certified: Azure Security
Standard Job Requirements
Driver's license code 08
Travel as required and approved
Competencies
Knowledge
A knowledge of adversarial activities in cyberspace, with an understanding of intrusion set tactics, techniques, and procedures (TTP) and the ability to emulate these TTP to assess vulnerability and risk, is desired.
Familiarity with Advanced Persistent Threat (APT) activity; an offensive attack hacker mindset is preferred.
Experience with penetration testing is highly desired.
Wireless, network and TCP/IP skills, along with Unix command line, bash scripting and/or Python coding, are required.
Knowledge of cloud technologies including AWS and Azure.
Professional experience in both offensive and defensive information security disciplines is strongly desirable.
Experience in exploiting web application and web service security vulnerabilities, including cross-site scripting, cross-site request forgery, SQL injection, DoS attacks, XML/SOAP, and API attacks.
Business change techniques, such as business process re-engineering.
In-depth technical knowledge in the areas of expertise at a world class level.
Knowledge of software and hardware technologies: the individual should be familiar with a wide range of applications, operating systems, server applications and tools.
Network and server security, including firewalls, VPN, IDS/IPS, anti-virus, patch management and vulnerability management.
Business applications including SAP.
Domain structures, user authentication, digital signatures and PKI.
Intranet, Extranet, Internet, eCommerce and EDI links with parties within and outside of the organization.
Process Control/SCADA/PLC environments would be considered an advantage.
Common information security management frameworks, such as International Standards Organization (ISO) 17799/27001, the IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technology (CobiT) frameworks.
Knowledge of security issues, techniques and implications across all of the key platforms within the TPL environment, including: Microsoft Windows Server and Desktop, Microsoft SQL Server, SharePoint, UNIX (AIX), Oracle, MaxDB, VPN and remote access technologies, Cisco networking platforms, Palo Alto firewall technology, data leakage prevention, cryptography, BCM/DRP, access control, wireless security, ethical hacking skills, application security, and IT cyber security risk assessments.
Equity Statement
Preference will be given to suitably qualified Applicants who are members of the designated groups in line with the Employment Equity Plan and Targets of the Organisation/Operating Division.