Responsibilities
- Lead the development / adoption and enforcement of Information Security policies, procedures and standards. Conduct reviews in accordance with customer / statutory requirements.
- Define, create and maintain the documentation for certification and accreditation of each information system in accordance with customer / statutory requirements.
  - Administrative: Risk analysis and management, documentation management and controls, information access controls and sanctions for failure to comply.
  - Personnel Security: Personnel only have access to the sensitive information for which they have appropriate authority and clearance.
  - Physical Safeguards: Assign security responsibilities, control access to media and the controls in place against unauthorized access to workstations and related equipment.
  - Technical Security: Set the access and authorization controls for everyday operations as well as emergency procedures for data.
  - Transmission Security: Set the standards for access controls, audit trails, event reporting, encryption and integrity controls.
- Maintaining the Security Procedures that include:
  - Evaluation and compliance with security measures.
  - Disaster Recovery and Emergency operating procedures.
  - Security Incident Response and process protocols including Incident Reporting and Sanctions.
  - Testing of security procedures, mechanisms and measures.
- Maintaining appropriate security measures and mechanisms to guard against unauthorized access to electronically stored and/or transmitted patient data and protect against reasonably anticipated threats and hazards.
- Review systems in order to identify potential security weaknesses, recommend improvements to amend vulnerabilities, implement changes and document upgrades.
  - Oversee and/or assist in performing on-going security monitoring of organization information systems including:
    - Assess information security risk periodically.
    - Conduct functionality and gap analyses to determine the extent to which key business areas and infrastructure comply with statutory and regulatory requirements.
    - Evaluate and recommend new information security technologies and counter-measures against threats to information or privacy.
- Ensure compliance through periodic security audits. These audits should be both internal and external in nature.
  - Ensure that all corrective actions are performed.
  - Verify if the corrective actions have eliminated the cause of nonconformities.
Requirements
- Minimum 5 years’ experience in Systems Administration
- 2 years comparable working experience in any of the following areas:
  1. Systems Administration (either Linux, Unix, Windows)
  2. Information security management & Audit
  3. Security vulnerability assessment
- Must be highly analytical and effectively able to troubleshoot and prioritize needs, requirements and other issues.
- Skills: Active Directory Services, Network - Routing and Switching
- Certification: IT Security & Systems & Network
Shortlisted candidates will be offered either a Permanent or Direct Contract employment.