Endpoint Secuirty and Access Control Specialist

The Endpoint Security and Access Control Specialist plays a critical role in fortifying the organization's End Point Security solutions.

JOB SUMMARY:

The Endpoint Security and Access Control Specialist plays a critical role in fortifying the organization's End Point Security solutions. The Endpoint Security and Access Control Specialist supports the IT Desktop and Security team by installing, configuring, monitoring and analyzing the organization's End Point Security Solutions to prevent, detect, analyze, and respond to cybersecurity incidents. The role involves thorough monitoring of the End Point solutions and system activities to identify and mitigate potential threats and conducting detailed system reviews. The Endpoint Security and Access Control Specialist will participate in the development and enforcement of security policies and procedures to protect the organization's End Points. The Endpoint Security and Access Control Specialist will also procure, configure Operating System images, and deploy software and security updates to endpoints. The Endpoint Security and Access Control Specialist will manage and secure users' data on the network shares.        

 KEY FUNCTIONS:

Annual Operating Strategy 

• Keep abreast of the Corporate End Point solutions updates, upgrades and new solutions both internally and externally.
• Keep abreast of the latest cybersecurity threats, trends, and adversary tactics to proactively strengthen end-point defenses.
• Engage in ongoing research to stay ahead of potential system breaches through the adoption of innovative endpoint security measures.

 Security Monitoring and Analysis 

• Continuously monitor endpoints internally and externally to identify and assess potential threats and vulnerabilities. Utilize the End Point Threat Protection (ETP) and End Point Detection (EDR) analytics to detect anomalies and signs of unauthorized access. 

• Generate comprehensive reports detailing the findings from security monitoring, assessments, and incidents. 

• Monitor email and ticketing systems for end-points security issues and follow through until resolution.

Patch Management Compliance 

• Analyze patch management reports to identify trends and compliance levels across IT assets. 

Security Incident Response 

• Act as the primary responder to end-point security incidents and assist in coordinating the flow of information during security incidents. 

• Oversee the recovery and mitigation process on end-points to restore system integrity and conduct thorough investigations to understand attack vectors and prevent future breaches.

 Privilege Management

• Support the Security team in providing access to their Privilege Management solution. 

• Ensure that the Microsoft Local Access Administrator Solution (LAPS) is functioning on all end-points. 

Vulnerability Management 

• Compile and analyze vulnerability assessment results on all end-points to assist the IT Security team with prioritizing vulnerability based on risk. 

• Assist the IT Security with identifying and resolving false positive findings reported by information security tools. 

Third Party Cyber Risk Management 

• Assist in the assessment of cybersecurity risk through the external Dealer Stores.

 Endpoint Detection and Response Management 

• Assist in the initial triage of alerts generated by EDR solutions to prioritize alerts based on severity, credibility and impact. 

• Act as the first point of contact between the IT security team and other departments as well as other external security vendors to ensure a coordinated approach to endpoint security response and maintenance. 

Contract Management/ Solution Procurement 

• Prepare tender documents for the procurement and renewal of security solutions.

 Workplace Safety- to conform to the OSH Act and company HSE policies and procedures and oversee compliance by contracted service providers.

 To perform any such related duties that may be assigned by the IT Helpdesk Manager.

 EDUCATION & EXPERIENCE:

•  Bachelor’s degree in a Computer Science or related fields
• ITIL Certification
• Network and Security certification
• Microsoft MCSE/MCSA certification
• A minimum of two (2) years in IT roles with a significant focus on cybersecurity.
• At least two years of experience in Microsoft Active Directory.
• At least two years of experience in Microsoft System Center Configuration Manager.
• At least two years of experience in End Point Threat Protection (ETP) and Endpoint Detection and Response (EDR) application. 

Knowledge of: 

• Cybersecurity principles and frameworks.
• Network and system security technologies.
• Incident detection and response procedures.
• Security of cloud services and infrastructure (VMware, Dell, Oracle etc.)

 Any relevant combination of qualifications and experience at an appropriate level to perform the required duties competently will be considered. 

FUNCTIONAL COMPETENCIES:

Cloud First Focus - Ability to adopt, implement and maintain a cloud-first approach to the overall IT solution support, design and application development in conjunction with Technology Vendors to deliver solutions that align with current and future business requirements, both internally and helping our customers make use of secure, scalable and reliable cloud solutions at a competitive price.
 
Solution Design & Implementation- The specification, design, and implementation of information systems solutions (security, applications, network, database, cloud, data center etc.) to meet defined business needs either internally or commercially that are in alignment with corporate strategy, industry best practice and within constraints of cost, security, and sustainability. It spans the identification of concepts and their translation into an implementable design; planning, development, testing and the go-live of the final product or service and ensures the optimum use of current solutions, retention of compatibility with enterprise and solution architectures and avoiding solution duplication.
  
IT Service Management - The ability to manage IT solutions and resources required to plan for, develop, deliver, and support IT services and products to meet the current and future needs of the business that will strengthen the company's competitive advantage. It includes the preparation for new or changed services, management of the change process and the maintenance of standards. The identification, analysis, clarification, and communication of the context of use in which solutions will operate, and of the goals of products, systems or services. Analysis and prioritization of stakeholders’ “user experience” needs and definition of required system behaviour and performance. This includes negotiation, implementation and monitoring of service level agreements, seeking continually and proactively to improve service delivery and sustainability targets.
 
Digital Transformation - Ability to perform creative problem solving, partnering with vendors and using a variety of techniques to come up with innovative solutions using technology to assist with the defining or redefining of TSTT’s products and services. These include the management of all activities required to launch a new product, service, process or concept using digital tools and platforms including the ability to manage digital products as they move through the typical stages of their product lifecycle: Development and Introduction, Growth, Maturity/Stability, and Decline. Ability to identify, implement and utilize specific solutions that will deliver on TSTT’s digital value proposition.
 
IT Project Management - The management and delivery of projects from design, development, and implementation of IT solutions to meet identified business needs using industry best practices. This includes the ability to categorize the solution into cycles to deliver a working product within time constraints using agile principles that allows teams to respond rapidly, efficiently, and effectively to changes. Ensures the delivery of features with the greatest business value first and having the real- time information to tightly manage cost, time, scope and quality.
 
Information Security Risk Management - Working knowledge of how to safeguard the confidentiality, integrity, and availability of information and information processing facilities using defined IT security principles, controls, and best practices that are aligned with the business objectives and through security awareness.
 

CORE AND LEADERSHIP COMPETENCIES:

Organisational Awareness: Contributes to the organisation by understanding and aligning actions with the organisation's goals, core functions, needs, and values. Contributes to the organisation by actively demonstrating the alignment of activities with the organisation strategies, key initiatives, core functions, needs, and values and supporting others to do the same.

Customer Focus: Prioritises and takes action on the needs of both internal and external customers. Designs and delivers products and services with the customer experience top of mind.

Planning and Results Orientation: Invests time in upfront planning to achieve organisational goals and objectives while meeting quality standards, following the appropriate processes, and continuously assessing results.

Creativity and Innovation: Thinks beyond the confines of traditional models to recognise opportunities and find new and better ways of doing things to be and remain an agile broadband provider. Encourages experimentation and accepts failure as a driver of innovation.

Communication: Effectively and appropriately interacts with others to build relationships, influence others, and facilitate sharing ideas and information. Uses tact and diplomacy to navigate demanding situations. Relays key messages by creating a compelling story targeted to specific audiences.

Strategic Leadership and Execution: Applies vision to think beyond the immediate situation and explore multiple potential paths. Invests time in planning, discovery, and reflection to drive decisions and more efficient implementation. Ensures that business goals are met by executing, monitoring, and adjusting the organizational action plan.

People Leadership: Inspires, motivates, and empowers people to achieve organizational goals. Coaches, mentors, and manages employee experience and performance through mindful preparation. Creates space for others to lead.

Managing Through Change and Uncertainty: Adjusts thinking and behaviour to resiliently face change and uses experience to fuel growth. Embraces failure as a learning opportunity for themselves and others. Enables the process of change and transition while helping others deal with the effects of change.

Problem Solving and Decision Making: Use critical thinking to evaluate problems, gather information, understand causes, and identify best workable solutions. Invests time in planning, discovery, and reflection to drive better decisions and more efficient implementations.

Deadline date for applications: Thursday 19th December 2024