Enable job alerts via email!
Information Security Specialist
KPMG-SouthAfrica
Johannesburg
On-site
ZAR 40,000 - 80,000
Full time
Boost your interview chances
Create a job specific, tailored resume for higher success rate.
Job summary
An established industry player is seeking an Information Security Specialist to safeguard the integrity of systems across multiple offices. This role involves monitoring security systems, managing incidents, and ensuring compliance with security protocols. The ideal candidate will have a solid background in IT support and information security, with expertise in Microsoft Azure and various security certifications. Join a dynamic team where your contributions will play a crucial role in enhancing the security posture of the organization and protecting sensitive information across the region.
Qualifications
- 3-5 years' experience in IT Support or Information Security.
- Industry-recognized certifications like A+, N+, Security+.
Responsibilities
- Monitor incident response channels and escalate high-priority issues.
- Daily monitoring of security systems and configuration management.
Skills
Education
Tools
Job description
The KPMG Africa Information Security Specialist is responsible for ensuring the confidentiality, integrity, and availability of all systems across KPMG Africa offices (South Africa, Botswana, Mauritius, Mozambique, Namibia, Zambia, Zimbabwe, Nigeria, Ghana, Kenya, Uganda, Tanzania, and Rwanda). The role involves actively managing and monitoring information security systems to detect, respond to, and remediate security risks and threats across the infrastructure.
4. Position Specifications
Educational Requirements (minimum necessary to perform the job):
- Professional / Tertiary qualification
Other Requirements:
Experience (minimum necessary):
Desired Qualifications and Experience:
- 3-5 years' experience in Information Technology Support or Information Security, including Microsoft Azure
- Industry-recognized certifications such as A+, N+, Security+, CySA+, and Cloud Security certifications like:
o Microsoft Certified: Security Operations Analyst Associate
o Microsoft Certified: Information Protection and Compliance Administrator Associate
o Microsoft Certified: Security, Compliance, and Identity Fundamentals
o Microsoft Certified: Identity & Access Management
o Microsoft Certified: Azure Security Engineer
- Professional certifications such as CISM, CISSP, ECIH are preferred but not required
- Strong knowledge of information security and cloud security concepts
- Experience in identifying, analyzing, and reporting on security risks and incidents
- Experience with security tools such as Qualys, Microsoft Defender Endpoint, Microsoft Sentinel, etc.
- Ability to evaluate vulnerabilities, develop mitigation strategies, and implement remediation
- Strong knowledge of operating systems, Microsoft Servers, Active Directory, and network protocols and technologies
5. Core Competencies:
- Attention to detail and accurate documentation
- Analytical skills to interpret information
- Ability to work independently and in a team
- Organizational and prioritization skills under pressure
6. Key Responsibilities & KPIs
Main Responsibilities:
- Monitoring incident response channels
- Executing the Information Security Incident Management Process and escalating high-priority issues
- Tracking and escalating open incidents
- Producing weekly and quarterly reports for the CISO on incident status and trends
Security Systems Configuration and Management:
- Daily monitoring of security systems to ensure proper functioning
- Configuration and management of security tools such as vulnerability, privileged access, and log management systems
- Reconciliation of assets to ensure coverage of security systems
- Reporting and issue resolution support for operational teams
Patch Management Monitoring:
- Monitoring patch management performance and identifying risks
- Addressing challenges to compliance
Threat and Event Monitoring:
- Detecting and escalating security threats and events
Vulnerability Management:
- Monitoring vulnerabilities daily
- Monthly asset reconciliation
- Managing vulnerability remediation with owners
- Supporting penetration testing activities
Supporting NITSO projects and other initiatives as required.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
