Main job function
The Cybersecurity Analyst will be responsible for continually analysing and reporting on Data Protection, Cybersecurity, and Compliance topics in the countries of presence in Africa.
This includes, but is not limited to, ensuring data protection and data privacy strategy,
governance, compliance, Information Technology (IT) cybersecurity, and Operational Technology (OT) cybersecurity. The Cybersecurity Specialist''s role encompasses providing comprehensive insights into various aspects of cybersecurity services and activities. The Cybersecurity Specialist plays a crucial role in ensuring that the Cybersecurity strategies and practices are implemented and are in harmony with the defined Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs). This alignment is essential for effectively managing and mitigating Cybersecurity risks, thus ensuring the confidentiality, availability and integrity of digital assets and operations.
Qualifications
- Bachelor''s Degree in Computer Science, Information Systems, Informatics, Electrical or Electronic Engineering, or related field.
- Masters Degree in Electrical/Electronic Engineering, Information Security, and/or Business Administration will be considered an advantage.
- 5 - 10 years experience in a Cybersecurity Specialist role, preferably with an Industrial Control Systems (ICS) or Operational Technology (OT) focus.
- Cisco Certified Network Associate (CCNA) Security, Certified Information System Security Professional (CISSP).
- Certified Cloud Security Professional (CCSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), and Global Industrial Cyber Security Professional (GICSP) certification will be considered an advantage.
- Experience in an organisation providing expert cybersecurity support to OT Cybersecurity environments will be considered an advantage.
Criteria
- Knowledge of Microsoft Windows Active Directory and networking architectures from
server and client perspectives.
- Knowledge of Hyper-V, Microsoft OS, Linux OS, and related tools.
- Knowledge of WAN topology and architecture solutions (i.e. MPLS, VPN IPSec, etc.)
- In-depth knowledge of IP protocols and their services at the application layer, such as: RIP, RDP, FTP, HTTP, BGP, SSH and Telnet.
- Knowledge of the major IP encapsulated process control protocols: Modbus TCP,
- Profinet, DNP3, IEC 61850, IEC 60870-5-101/103/104, ICCP, etc.
- Knowledge of OPC protocol versions, i.e. OPC UA, OPC DA, OPC XML, etc.
- Knowledge of ISO 2700X series and related standards.
- Knowledge of Industrial Control and OT Cybersecurity standards such as NERC CIP V3,
- IEC 62351, IEC 62443, and NIST SP800-82 SP2.
- Knowledge of Cisco, Checkpoint, Fortinet equipment and related technologies, including Switches, Firewalls, and UTM devices.
- Knowledge of Data Loss Prevention, Data Replication, and Disaster Recovery Systems.
- Broad knowledge of IT and OT infrastructure;
- In-depth and up-to-date experience in Critical Infrastructure Protection and related legislation; e.g. CIP Act 8 of 2019 for South Africa.
- In-depth knowledge of the South African National Cybersecurity Policy Framework and its supporting legislation and regulations.
- Broad knowledge of the African countries'' cybersecurity laws, mainly South Africa,
- Zambia, Kenya, Ethiopia, and Morocco.
- Knowledge of Namibia, Botswana, Mozambique, Madagascar, Tanzania, Tunisia,
- Algeria, Egypt, Senegal, Ivory Coast, and Ghana''s cybersecurity laws will be considered an advantage.
A Consultant will be in touch if you are shortlisted for the position. Please consider your application unsuccessful should you not have been contacted within 2 weeks. We will keep your CV on our database and contact you should you match the criteria of any other vacancies.