(Position based in Head Office: Pretoria)
Reports to Head: IT Cryptography
Summation
The person in this position will be responsible for installing, configuration, support and maintenance of the Hardware Security Module (HSM).
Performance of day to day aspects include scoping review and validation, conducting periodic review exercises, maintaining compliance artefacts,
identifying new or enhancing existing controls to mature the overall security posture, and partnering with IT and business stakeholders to maintain
Postbank’s PCI compliance.
KEY
Responsibilities
Managerial and administrative Support
Report writing
Document Management
Presentation of results
Solution Design, Configuration and Support
Mitigate security risks and threats using industry standard
frameworks
Conduct security vulnerability assessments and ensure that
systems are regularly patched and maintained
Analyze information systems to ensure that appropriate
security functions have been implemented in the systems
design and architecture
Provide security and technical architecture guidance on HSM
and data encryption solutions
Generate and manage security encryption keys
Installation, maintenance, and support of HSM
Perform queue manager backup and recovery in the HSM
environment
Monitoring problems and escalating to vendor when needed.
Document procedures for Disaster Recovery purposes
Define hardware configurations
Document configurations and key ceremony procedures
Perform hardware and software upgrades and patches
PCI Administration
Work with all relevant departments to coordinate the
gathering, approval and storage of PCI evidence that will be
used as input to the PCI Report on Compliance and Self-
Assessment Questionnaire.
Support PCI security awareness program
Support execution of internally performed and 3rd party audit
activities in accordance with the PCI DSS.
Interface with Internal Controls, Internal Audit and External
Auditors as required to satisfy any audit related policy and
compliance deliverables or work items.
Minimum
Requirements,
Skills &
Attributes
REQUIREMENTS :
National Diploma in Information Technology (NQF Level 6)
Professional Security Certification (e.g. CISSP) will be an
added advantage
Experience:
1 – 2 years of experience in information security or related IT
experience
PKI experience with Certificate Authority, Certificate
Enrolment Web Service, Revocation servers & HSMs will be
added advantage
Working experience with cryptographic solutions (including
authentication, encryption, hashing, tokenization & signing)
across applications, backup, database, endpoint device,
email, file, network, removable media and storage domains
Knowledge and understanding of:
Knowledge of cryptographic algorithms, protocols,
implementation and standards (e.g., AES, CMS, DES/TDES,
DH, DNSSEC, ECC, IBE, Kerberos, IPsec, MD5, OpenSSL,
RSA, SHA*, SSL/TLS and ANSI, IETF, NIST, FIPS, PKCS,
PKI, PCI DSS)
Troubleshooting of digital certificate related issues
Ability to facilitate key ceremonies
Hands on experience/working knowledge with Unix/Linux,
Wintel, Storage Technologies solutions and tools
Banking/Financial services industry experience will be and
added advantage
Familiarity with all requirements of the PCI DSS compliance.
Functional understanding and working knowledge of security
principles, standards and processes, such as authentication
and access control, secure configuration, network
segmentation and traffic analysis, endpoint security, platform
architecture, application security, encryption and key
management, change management, cloud security
Skills
Communication Skills ( written and verbal)
Procedure development skills
Strong interpersonal skills
Planning and organizing skills
Ability to function independently
Customer orientation
Professional, influential and highly motivated
Problem solving skills
Ability to work under pressure
Ability to produce timely
Physical Mobility (including impact of physical constraints)
Valid Code B Driving License
Should be prepared to travel to sites, work overtime and do
standby
Accountability
Installing, configuration, support and maintenance of the
Hardware Security Management (HSM), Assist with the
evaluation, design and delivery of major new Crypto security
technologies of Postbank, Conduct security vulnerability
assessments and ensure that systems are regularly patched
and maintained, Generate and manage security encryption
keys, Understanding of Information Security frameworks and
best practices (e.g. ISO, NIST)
Direction
Should function independently with minimum supervision
Should be guided by the IT Infrastructure policies and
procedures
The South African Postbank SOC Limited is committed to achieving and maintaining of diversity and equity in employment, especially with
regard to race, gender and disability. In compliance with the banks employment equity plans, first preference will be given to candidates
from designated groups. Correspondence will be limited to short listed candidates only.
If you wish to apply, please forward your Curriculum Vitae (CV) to recruitmentSN@postbank.co.za Please indicate in the subject line the
position you are applying for.
Closing Date: 18 June 2021
Position Number: 60066384
Cost Centre: 50800
Correspondence will be limited to short-listed candidates only.
If you do not hear from the South African Postbank within 3 months of this
advertisement, please accept that your application has been unsuccessful.
The South African Post Office Limited reserves the right not to
fill this position or to re-advertise the positions at any time.
Leave a Reply