Loading...
Share this Job
Apply now »

Information Security Specialist

Business:  Discovery Central Services
Function:  Information Security
Date:  02-Jun-2021

About Discovery

 

Discovery’s core purpose is to make people healthier and to enhance and protect their lives. We seek out and invest in exceptional individuals who understand and support our core purpose, and whose own values align with those of Discovery. Our fast-paced and dynamic environment enables smart, self-driven people to be their best. As global thought leaders, Discovery is passionate about innovating in order to not only achieve financial success, but to ignite positive and meaningful change within our society.

 

About Vitality Group

 

Vitality Group, a subsidiary of Discovery Limited offers a wellness platform program to global insurance companies that provides innovative health to foster healthier and happier lives. Vitality Group is responsible for the expansion of the Vitality Shared-Value Insurance business model beyond South Africa and the UK, serving to fully leverage the assets and intellectual property of Discovery beyond its primary markets.

 

Vitality Group operates a business providing wellness solutions to employer groups in the United States and partners with leading Insurers across the world to launch and grow Vitality Shared-Value Insurance in their markets. Vitality Group is also responsible for Discovery’s 25 percent equity investment in Ping An Health, the largest comprehensive medical insurer in China. Vitality Group’s businesses jointly reach more than 10 million members across 24 countries (Austria, Australia, Canada, China, France, Germany, Hong Kong, Japan, Malaysia, Pakistan, Philippines, Singapore, South Africa, South Korea, Sri Lanka, Thailand, the United Kingdom, the United States, New Zealand, Ecuador and Vietnam).

 

Key Purpose

 

               

The primary purpose of this role is to serve as an information security analyst within the Vitality Group Information Security structure. This individual works closely with the Vitality Group Information Security Team to carry out security measures to protect the Vitality Group information assets. This role includes responsibility for Information security requirements and analysis and information security operational tasks. The role also includes leading and managing the security governance for Vitality Group. The role also includes performing operational tasks across security capabilities, providing review and oversight to a number of security controls.

Areas of responsibility may include but not limited to

 

  • Ensure adherence to the current security policies and standards.
  • Evaluation and implementation of rules according to policies and standards.
  • Assist with operational tasks across multiple capabilities
  • Assist in improving current operations and procedures.
  • Assist with appropriate training and awareness programs or initiatives for all VG staff
  • Perform proactive research to identify and understand new threats, vulnerabilities, and exploits.
  • Collaborate with team members to increase security domain knowledge

 

 

  • Personal Attributes and Skills

 

Required Skills

  • Adaptability to Change
  • High Levels of Integrity
  • Very Good Communication and Facilitations Skills
  • Being Trustworthy and Open
  • Develops and Fosters Diverse Teams
  • Ability to Self-Manage
  • A Positive Mind-set
  • High Self-awareness
  • Ability to multitask
  • Engage with cross functional teams and departments

 

Behavioural Competencies:

  • Drives Results
  • Values Driven
  • Optimistic
  • Learns on the Fly
  • Resilient
  • Instils Trust
  • People Savvy
  • Problem Solver
  • Manages complexity
  • Balances Stakeholders
  • Transparency
  • Multitasking
  • Organizational skills
  • Analytics

 

Additional attributes

  • Strong Ownership qualities
  • Ability to assess and prioritize
  • Excellent planning and organizational skills
  • Able to work under pressure in a fast-paced environment
  • A strong passion for customers and technology
  • Self-motivated, self-thinker and pro-active
  • Excellent communications skills and good team player
  • Strong interpersonal skills specifically with the ability to establish and grow relationships with diverse stakeholders
  • Well-developed conflict handling skills
  • Willing to learn and develop oneself

 

 

 

Education and Experience

 

Education:

 

 

A Bachelor’s Degree in a related area such as Computer Science, Information Security and Risk Management

 

Experience:

N/A

 

 

Knowledge:

  •  

Knowledge of information security governance frameworks and standards eg. COBIT, ISO Series, NIST etc.

 

 

 

 

 

About Discovery

 

Discovery’s core purpose is to make people healthier and to enhance and protect their lives. We seek out and invest in exceptional individuals who understand and support our core purpose, and whose own values align with those of Discovery. Our fast-paced and dynamic environment enables smart, self-driven people to be their best. As global thought leaders, Discovery is passionate about innovating in order to not only achieve financial success, but to ignite positive and meaningful change within our society.

 

About Vitality Group

 

Vitality Group, a subsidiary of Discovery Limited offers a wellness platform program to global insurance companies that provides innovative health to foster healthier and happier lives. Vitality Group is responsible for the expansion of the Vitality Shared-Value Insurance business model beyond South Africa and the UK, serving to fully leverage the assets and intellectual property of Discovery beyond its primary markets.

 

Vitality Group operates a business providing wellness solutions to employer groups in the United States and partners with leading Insurers across the world to launch and grow Vitality Shared-Value Insurance in their markets. Vitality Group is also responsible for Discovery’s 25 percent equity investment in Ping An Health, the largest comprehensive medical insurer in China. Vitality Group’s businesses jointly reach more than 10 million members across 23 countries (Austria, Australia, Canada, China, France, Germany, Hong Kong, Japan, Malaysia, Pakistan, Philippines, Singapore, South Africa, South Korea, Sri Lanka, Thailand, the United Kingdom, the United States, New Zealand, Ecuador, Vietnam and the Netherlands). 

 

 Key Purpose

 

The primary purpose of this role is to serve as a technical security specialist within the Vitality Group Information Security structure. This individual works closely with the Vitality Group Information Security Officer to perform operational functions across all related security capabilities within VG.

 

Areas of responsibility may include but not limited to

 

  1. Develops and manages IT security for multiple IT functional areas (e.g., applications, systems, network and/or Web) across VG.
  2. Develops and manages security services on Application and Web application
  3. Performs based vulnerability scanning, virus management and intrusion detection.
  4. Leads and responds to security incidents and investigations and targets reviews of suspect areas.
  5. Provides strategic and tactical direction and consultation on information security and compliance.
  6. Identifies and resolves root causes of security-related problems.
  7. Possess strong / experienced application development and/or application security background; with solid knowledge of SDLC from design, testing, deployment to post production and the different risk elements associated with each step.
  8. Consults on teams to resolve issues that are uncovered by various internal and third-party monitoring tools.
  9. Communicates reporting results and analytical evaluation to information security management.
  10. Maintains contact with vendors regarding security system updates and technical support of security products
  11. Works on multiple projects as a team member or technical lead.
  12. Monitors and analyses information security performance reports and escalates issues as needed.
  13. Leads and reviews application security risk assessments for new or updated internal or third party applications.
  14. Evaluates and recommends tools and solutions that provide security functions.
  15. Determines security violations and inefficiencies by conducting periodic audits.

 

  1. Maintains quality service by following organization standards.

 

  1. Implements security improvements by assessing current situation, evaluating trends, anticipating requirements.

 

Personal Attributes and Skills

 

  • Values Driven
  • Optimistic
  • Learns on the Fly
  • Resilient
  • Instils Trust
  • People Savvy
  • Drives Results
  • Problem Solver

 

 

Education and Experience

 

Education:

 

Knowledge of information security governance frameworks and standards e.g. COBIT, ISO Series, NIST etc.

Experience in a broad range of security technologies/products, standards and methodologies.

Experience in the development of security plans, strategies, roadmaps, methodologies and frameworks.

 

Information Security industry-standard certifications such as CRISC, CISA, CISM or CISSP would be advantageous

 

Experience:

 

10+ Years IT Experience

10+ Years’ experience in Information Security

5+ Years direct incident response, cyber security red team / pen tester experience

 

Knowledge:

 

Cloud Security - IAM, NSG, ASG, ID Federation, VPN’s, IPSec

Cloud Security - Policies, controls, procedures and technologies

WAF Implementations

OWASP top 10 mitigation approaches – Service based environments e.g. REST

Mastery of Linux/Mac/Windows operating systems

Network/Wireless Penetration Testing

Ability to understand and modify code in a diverse range of programming languages and frameworks - OO Programming concepts

Proficiency in cryptographic protocols and cipher suites

Thorough understanding of network protocols, data on the wire, and covert channels

Source code reviews.

Familiarity with penetration testing methodology and standards

Deep understanding of Secure SDLC

 

Employment Equity  

The Company’s approved Employment Equity Plan and Targets will be considered as part of the recruitment process. As an Equal Opportunities employer, we actively encourage and welcome people with various disabilities to apply.

 

 

Apply now »