A Snapshot

As the ICT Security Analyst, reporting directly to the ICT Security Advisor you will work closely with the rest of the ICT team, making your mark in a number of ways:

• Implementing enterprise cloud security controls, aligning to frameworks such as AWS Well-Architected, Cloud Security Alliance Cloud Controls Matrix, and country-specific standards

• Perform security reviews for applications and systems used across the client, from initial procurement through adoption and operation

• Support the Information Security Management System in ensuring that the client meets its compliance requirements and deliver customer success

Your Day to Day

• Identify, document, and raise security vulnerabilities and threat events relevant to the client cloud applications

• Make sure the client Information Security Policy and security architecture principles are being followed

• Research new cloud security capabilities in the market and document

• Support the client ICT incident response function through threat monitoring, escalation, investigation and response

• Assist the ICT Security Advisor in engaging with third parties (such as vendors, consultants, and service providers) and business partners on cloud security

• Find opportunities for improvement and perform proof-of-concept activities

• Promote secure user behaviour across the client through awareness initiatives

Requirements

• Demonstrated ability in implementing and assessing security controls for cloud environments such as Azure and Office365

• Have Baseline or NV1 Clearance or able to get one

• Tertiary qualifications or equivalent experience in information technology and/or security

• Solid grasp of the Shared Responsibility Model for cloud security, and the control set applicable to cloud assets

• Full proficiency in written and spoken English

• Superb communication skills and ability to connect effectively with all professional levels within the organisation

• Good understanding and experience using vulnerability and penetration testing tools well regarded

• Cyber Security industry certifications (e.g. CISSP, GICSP, CISM, GSEC, etc) are a plus

• Strong WinTel and Networking skills

• Strong time management and collaboration skills