SITA: Internships for 2021

To provide information security services to clients including risk management, compliance services, incident

management and security development services.

Key Responsibility Areas

• Present training and security awareness and be able to facilitate courses, assess learners and moderate

assessments;

• Monitor the application of policies for the preventive, detective and corrective measures, especially up-to-

date security patches and virus control, to protect information systems and technology from malware –

viruses, worms, spyware, spam, internally developed fraudulent software, etc., and report on any deviations;

• Monitor the application of policy that ensures that security techniques and related management procedures,

e.g. firewalls, security appliances, network segmentation and intrusion detection, are used to authorise

access and control information flow from and to networks, and report on any deviations; Monitor execution

of risk and security action plans and report on any deviations. Perform security monitoring and periodic

testing and reporting for identified security weaknesses or incidents;

• Maintain and monitor a logging function that enables the early detection of unusual or abnormal activities

that may need to be addressed;

• Monitor sensitive transaction data exchanged to ensure that this takes place only over a trusted path or

medium with control to provide authenticity of content, proof of submission, proof of receipt, and non-

repudiation of origin, and report on any deviations; Identify and document characteristics of existing and

possible new potential security incidents and define impact levels; and

• Conduct vulnerability compliance assessments and log calls for security incidents.

• Recommend corrective action for identified security weaknesses or incidents.

Qualifications and Experience

Minimum: 3 years National Diploma in Computer Science or Information Technology or Network Management or a

relevant discipline NQF level 6 qualification.

Experience: 3 to 5 years Information and Communication Technology (ICT) Infrastructure or Information Security

(IS) or application life cycle management which should include the following. Working knowledge of information

technology security risk management. Exposure to enterprise architecture frameworks (e.g. TOGAF GWEA MIOS)

knowledge of governance processes and standards (e.g. ISO 27001/ 27002 COBIT ITIL). Exposure to information

system security technical standards (e.g.: SSL certificates, anti-virus protection, etc.) Experienced in (e.g. Service

Management, Converge Communication, Risk Management, Information Technology, Applications, etc).

Technical Competencies Description

Knowledge of: Working knowledge of client business environment; Exposure to Enterprise architecture frameworks

(TOGAF; Zachman; FEAF; MODAF; GWEA Framework; MIOS); Knowledge of Governance Processes and Standards

(ISO 9001; ISO 27001/ 27002; ISO 12207 (SDLC); ISO 42010; COBIT; ITIL; UML); Exposure to Information System

Security Technical Standards (e.g.: PKI, IAM, Cryptography); Detailed knowledge of the SOPs of the area/discipline

the jobholder is works in (HR, Finance, IT, etc as well as how to apply it.

Skills: Team leadership skills; Analytical skills; Project management skills; Security developer; security

applications.

Other Special Requirements

Valid driving licence and own transportation.

How to apply

DOWNLOAD APPLICATION FORM

Internal candidates must apply using this email address: [email protected]

External candidates must apply using this email address: [email protected]