Responsibilities

  1. Leading in the development / adoption and enforcement of Information Security policies, procedures and standards. Conduct review in accordance with customer / statutory requirements

  2. Define, create and maintain the documentation for certification and accreditation of each information system in accordance with customer / statutory requirements. - Administrative: Risk analysis and management, documentation management and controls, information access controls and sanctions for failure to comply. - Personnel Security: Personnel only have access to the sensitive information for which they have appropriate authority and clearance. - Physical Safeguards: Assign security responsibilities, control access to media and the controls in place against unauthorized access to workstations and related equipment. - Technical Security: Set the access and authorization controls for everyday operations as well as emergency procedures for data. - Transmission security: Set the standards for access controls, audit trails, event reporting, encryption and integrity controls.

  3. Maintaining the Security Procedures that include: - Evaluation and compliance with security measures. - Disaster Recovery and Emergency operating procedures. - Security Incident Response and process protocols including Incident Reporting and Sanctions. - Testing of security procedures, mechanisms and measures.

  4. Maintaining appropriate security measures and mechanisms to guard against unauthorized access to electronically stored and /or transmitted patient data and protect against reasonably anticipated threats and hazards.

  5. Review systems in order to identify potential security weaknesses, recommend improvements to amend vulnerabilities, implement changes and document upgrades. - Oversee and/or assist in performing on-going security monitoring of organization information systems including: - Assess information security risk periodically. - Conduct functionality and gap analyses to determine the extent to which key business areas and infrastructure comply with statutory and regulatory requirements. - Evaluate and recommend new information security technologies and counter-measures against threats to information or privacy.

  6. Ensure compliance through periodic security audits. These audits should be both internal and external in nature. - Ensure that all corrective actions are performed - Verify if the corrective actions have eliminated the cause of nonconformities

Requirements

  • Minimum 5 years’ experience Systems Administration
  • 2 years comparable working experience in any of the following areas 1. Systems Administration (either Linux, Unix, Windows) 2. Information security management & Audit 3. Security vulnerability assessment
  • Must be highly analytical and effectively able to troubleshoot and prioritize needs, requirements and other issues.
  • Skills: Active Directory Services, Network - Routing and Switching
  • Certification: IT Security & Systems & Network

Shortlisted candidates will be offered either a Permanent or Direct Contract employment.