Cybersecurity Specialist

Gauteng, Full Time Deadline: Not specified

Description
BDO South Africa is looking for a cybersecurity specialist to join their cybersecurity division.
The role involves the provision of specialist cybersecurity consulting and advisory services to a range of clients in the public and private sectors to assess, deploy and manage security controls to protect IT resources against cyber threats effectively. The suitable candidate should have more than five years of experience in IT audit, cybersecurity and data analytics. In addition, the role will require proficiency in report writing, presentation and client management. The Cyber Specialist will support different engagements to perform the following activities:
Security Consulting and Assessment:

Conduct security assessments involving technical and non-technical control assessment of IT infrastructure and systems to establish the security posture and identify risks and risk mitigation measures supported by best practices.
Support clients to remediate identified risks to improve security posture and cyber readiness.
Assist with deploying security controls, e.g., access control, encryption, data protection strategy, system logging and monitoring, etc.

Security Architecture and Implementation:

Develop security framework and assessment tools to review the implementation of controls and their effectiveness.
Design and implement security controls to enhance clients’ control environment.

Security Strategy and Risk Management:

Perform cyber security strategy and planning tasks, including risk assessment, risk quantification and cyber insurance stress testing.
Develop and implement risk management frameworks and methodologies.
Assist in developing incident response plans, business continuity plans, and disaster recovery strategies.

IT Audit and Data Analytics Support:

Provide system audits, including review of IT general controls, BCM and DR reviews.
Provide data analytics support to enhance reporting capabilities and perform specific audits such as data migration and CAATs reviews.

IT Security Training:

Prepare training material relevant to specific cyber training requirements.
Deliver cybersecurity training and phishing simulation as and when required.

Requirements
To qualify for the role, you must have:

Minimum of 5 years' experience
Experience in assessing and implementing security and risk standards including ISO 2700X, NIST, ITIL, COBIT
Experience in security risk assessment and planning using different frameworks and tools
Experience in penetration testing on infrastructure, network, web applications, and source code review
Experience in cloud security benchmarking, risk assessment and cyber solutions
Manage security configuration reviews on operating systems, databases and network devices
Experience in cybersecurity awareness training
Experience in data analytics and CAATs reviews
Bachelor's Degree in Computer Science, Information Systems, or related training in Information Security
Industry certification (e.g., CompTIA Security+, CEH, CISSP)

 

Skills: