Manager - Security and Risk (1)

The Manager Security and Risk shall report to the Assistant Director Infrastructure, and shall ensure that the risk to the organization’s information posed by a variety of cyber threats (cyber attacks; theft or corruption from within; etc.) is minimized. Ensures that when cyber attacks occur or data are stolen or compromised, these incidents are dealt with promptly and effectively and the chance of that particular type of incident recurring is minimized. Provide advanced network infrastructure security support for applications, servers, storage, and related logical services. Responsible for administering, maintaining and managing the security of the Information Systems to ensure the confidentiality, integrity, and availability of information systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures and tools.

A degree in Computer Science/Information Technology or equivalent with at least 5 years of experience in defining network security requirements for local and wide area networks, evaluation of approved network security product capabilities, configuring standard communications protocols, detecting and analyzing network vulnerabilities, and developing proper computer system security solutions

Competencies:

• Advanced knowledge of information systems security management, risk management, and firewall.
• Extensive knowledge of the security of computing architecture, electronic data communications, network/data, electronic commerce, and other related areas to provide computing security and integration services to Authority computer users.
• Knowledge of ISO 27000 (IS027K) standards guidance on designing, implementing and auditing Information Security Management Systems to protect the confidentiality, integrity and availability of the information assets.
• Experience with Security Information Event Management Tools (SIEM), Vulnerability Management Tools, and Intrusion Prevention Tools.  Experience with fundamentals of IT Security & ability to apply risk management principles.
• Strong communication skills. 

Method of Application: The NRA Application form should be obtained from the NRA website at www.nra.gov.sl Complete the form and email to jobs@nra.gov.sl.

Please note that only shortlisted applicants will be contacted.

Closing Date: Closing date for the receipt of all applications is 2: pm on Friday 14th December, 2018. No application will be accepted after the closing time and date.