The scope of Services is to provide ICT Security Resources into the Authority's Security Function to manage and operate Information and Data Security activities and responsibilities on behalf of the Authority. The Authority's Security Function manages and operates the following high-level Information and Data Security activities and responsibilities on behalf of the Authority, which include, but are not limited to:
- Security Governance, Risk and Compliance Management;
- Security Budgeting;
- Security Policy (development, drafting, enforcement, etc.);
- Security Architecture and Strategy (security strategy development, security design, control frameworks and control objectives, defence in depth, business needs assessments, security and operational risk impact assessments, etc.);
- Security Operations (security management, vulnerability scanning, analysis and mitigation management, coordinating penetration testing, security incident management, etc.);
- Security Monitoring (threat detection and response, Level 3 security analysis and handling, etc.);
- Solution and Platform Security Management and Assessment;
- Supplier/Vendor Security Management and Assessment;
- Security Privacy and Information Security;
- Raising and submitting Requests for Security Change (RFCs) as needed to address security and service operation issues inclusive of back out plans;
- Participating in the Technical Advisory Board (TAB) prior to the Change Advisory Board (CAB) or Emergency Change (EC) meetings to ensure that service operation risks (including security risks), issues and views are taken into account;
- Security Awareness; and
- Data Security (Data Leakage Protection, Data Classification, Data handling, etc.).
The Authority's Security Function also:
- Performs Vulnerability Management scans, using Qualys, to complement or enhance an externally sourced Vulnerability Management service;
- Oversees the Authority's Security Incident and Event Monitoring (SIEM) solution, which is IBM QRadar, and collects, correlates, processes, manages and analyses logs of security events to Level 3 to complement or enhance an externally sourced Security Monitoring service (to Level 1 and Level 2); and
- Oversees the Authority's Security Awareness Training programme and Phishing Reporting and Analysis, which is PhishAlarm, a Wombat Security behaviour reinforcement tool by Proofpoint.
Mandatory Qualifications
- Honours Degree or Postgraduate Diploma (NFQ Level 8 or equivalent) OR Undergraduate/Master's degree in Information Security, Business Management, Information Systems, Computer Science, Engineering, or related fields; OR no degree with 5+ years' relevant experience.
Required Certifications (or equivalent) - Minimum One
- CISSP or similar certification
- CISA, CRISC, or CGEIT
- CCSP
- CCNA, CCNP, CCIE, CompTIA Security+, CEH, Microsoft certifications (MCP, MCSE, O365 Security & Compliance)
- Additional Security & Data Protection Expertise: ISO/IEC 270xx, ISO/IEC 3100x, PCI DSS, CIS Controls, NIST (CSF, 800-53), CSA Cloud Security
- GDPR and Data Protection legislation
- SABSA, TOGAF, AWS/Azure/GCP security and architecture certifications
- Cloud Security (Azure AZ-900, AZ-500, AWS Security)
