Vacancy Details
Employer: Kontak Recruitment
"IT Compliance and Security Specialist (JB4361)
Sandton, Gauteng
R40 000 to R45 000 a month CTC
Permanent
A company that specializes in supplying state-of-the-art cash handling equipment and software solutions to a wide range of industries is currently looking for a IT Compliance and Security Specialist to join their Team. Their products cover coin and banknote counting and sorting machines, electronic drop safes for retail establishments, coin sorting and sachet equipment used by CIT companies, and automated pay point solutions
Minimum Requirements:
Candidate must have strong I.T. knowledge in Access Management, Change Management, IT Operations, IT Risk Assessments, networks, servers, cyber security, and general end user support.
Candidate must have knowledge of I.T. Operations, security, governance, frameworks, and a firm grasp of the below to provide to the auditor
Familiarity with IT policies and procedures
Experienced with Annual reviews and signing off of policies.
Ability to add new policies as needed.
Knowledge of POPIA requirements.
Understanding of ISA 315 audit requirements.
Disaster recovery and business continuity testing should be conducted at least once a year.
Ability to set up a Disaster Recovery (DR) environment with strong network and server knowledge.
Will act as the liaison between Company auditors and Alice and responsible for reporting all findings and ensuring the overall score remains satisfactory.
The candidate must possess firm knowledge of Microsoft Baseline Network Security v1.5, Microsoft patch management, user administration foundations, password configuration foundations, and vulnerability, exposure, and risk assessment to maintain a satisfactory Alice score.
Duties and Responsibilities:
Access to Programs & Data:
Implement and maintain policies and procedures for accountability, identity, authorization, authentication, monitoring, access controls, attestation, and direct access to data.
Change Management:
Establish and manage policies and procedures for change requests, tracking changes, testing changes, separate environments, version control, and change meetings.
IT Frameworks:
Ensure compliance with IT governance, information security, cybersecurity, service management, IT risk management, software development, IT project management, enterprise architecture, penetration testing, and strategy.
Centre for Internet Security (CIS) v8:
Implement and manage CIS v8 controls covering inventory and control of assets, software assets, data protection, secure configuration, account management, access control, vulnerability management, audit log management, email and web browser protections, malware defenses, data recovery, network infrastructure management, security awareness training, service provider management, application software security, incident response management, and penetration testing.
Audit Controls:
Enforce information security policies, organization information security, human resource security, asset management, access control, cryptography, physical and environmental security, operations security, communications security, system acquisition, development, and maintenance, supplier relationships, information security incident management, business continuity management, and compliance.
IT Risk Assessment
Ensure compliance with the following audit requirements:
Access policies, risk registers, user lists, employee listings, user requests, and database logging settings.
Change control policies, change lists, change requests, CAB meeting evidence, testing of changes, program library use, version control, and migration software evidence.
IT strategy, key stored procedures, monitoring evidence, automatic alerts evidence, backup policies, server names, backup software screenshots, backup reports, offsite backup evidence, testing of backups, backup media rotation evidence, environmental controls, password policies, high-risk event logs, recertifications evidence, database names, and database logging settings.
IT strategy copies, IT org chart copies, KPIs and Balanced Scorecards copies, IT asset disposal procedure copies, IT asset identification procedure copies, formal software selection process documentation copies, architecture diagram copies, and formal Incident Management Policy copies.
Please do not apply using Scanned CVs, no supporting documentation is required at this point, this will be requested later.
IMPORTANT: We specialize in specific niche fields. Regret that we are unable to provide assistance for any fields outside of this scope. Fields can be viewed on our website.
Kontak Recruitment Disclaimer:
Equal opportunity: All backgrounds are welcomed, with no bias. All are considered based on requirements.
Job specifics: Requirements mirror advertisement, duties may adjust for client needs.
Fair process: Fair assessment, only shortlisted candidates contacted due to volume.
Privacy: Data processed as per Privacy Policy. By applying, you agree to data handling. We safeguard applicant info.
Candidate verification: Candidates selected by the client are verified. False info may disqualify or end employment via the client.
Offer clarity: Advert is not a binding offer. Written offers based on pre-employment conditions.
No direct link: Advert is not tied to Kontak Recruitment. We assist in the employment process ONLY.
Applicant Responsibility: Upon applying, confirmation of receipt for a specific advert is given. If no confirmation is received, you must verify with Kontak Recruitment.
"
Candidate Requirements
Candidate must have strong I.T. knowledge in Access Management, Change Management, IT Operations, IT Risk Assessments, networks, servers, cyber security, and general end user support.
Candidate must have knowledge of I.T. Operations, security, governance, frameworks, and a firm grasp of the below to provide to the auditor
Familiarity with IT policies and procedures
Experienced with Annual reviews and signing off of policies.
Ability to add new policies as needed.
Knowledge of POPIA requirements.
Understanding of ISA 315 audit requirements.
Disaster recovery and business continuity testing should be conducted at least once a year.
Ability to set up a Disaster Recovery (DR) environment with strong network and server knowledge.
Will act as the liaison between Company auditors and Alice and responsible for reporting all findings and ensuring the overall score remains satisfactory.
The candidate must possess firm knowledge of Microsoft Baseline Network Security v1.5, Microsoft patch management, user administration foundations, password configuration foundations, and vulnerability, exposure, and risk assessment to maintain a satisfactory Alice score.
18 people have applied for this job. 394 people have viewed this job.
About Kontak Recruitment
Kontak Recruitment is a Pastel Certified Recruiter which specializes in the recruitment of personnel on all career levels including the placement of temporary, contract as well as permanent staffing. We enjoy the personalized approach with regards to out candidates focusing on their needs and requirements as well as a personalized approach with our clients in delivering an excellent service.
Kontak Recruitment conducts business in an ethical and honest manner. We aim at building long term relationships that are to the mutual benefit of all parties. We offer a responsible and personalized service to clients and candidates. We encourage an employment environment that provides equal opportunities for all employees. All positions and applications remain confidential protecting the rights and interests of both the client and the candidates.
Our core focus is delivering a staffing solution in the niche fields of Pastel Consultants,finance as well as office support. As part of this service offering we include extensive reference and qualification checks as well as a criminal and credit check. Our focus is quality and we will present the most efficient and integrated ways of satisfying the skills need within the company.
Permanent staff placements – We strive to find the right fit and providing support to client and candidate during the first three months of the employment.
Temporary and Contract placements – We offer immediate access to staff on all levels on a flexible basis. Kontak Recruitment administers the payroll and all statutory returns.
Terms and Conditions Available on Request
More Jobs at Kontak Recruitment
Campus Manager /GM (Operations /Higher /Tertiary Education) (JB4412)
- East London
- Job Type: Permanent
- Posted 17 May 2024 | 59 Days left
IT Lecturer (JB4411)
- Durban
- Job Type: Permanent
- Posted 17 May 2024 | 59 Days left
Local Sales Manager (JB4408)
- Sandton
- Job Type: Permanent
- Posted 17 May 2024 | 30 Days left
Sales Coordinator (JB4407)
- Sandton
- Job Type: Permanent
- Posted 17 May 2024 | 30 Days left