Job Description

Job Details
Closing Date 2024/06/13
Reference Number SHO240530-1
Job Title Security Analyst I (PCI)
Job Type Permanent
Location - Country South Africa
Location - Province Western Cape
Location - Town or City Brackenfell, Cape Town
Purpose of the JobThe purpose of the Security Analyst I (PCI) role is to meticulously analyse existing security controls and devise novel and fortified security measures. These measures are designed to proactively safeguard sensitive payment card data against evolving security threats and ensure compliance with Payment Card. Industry Data Security Standard (PCI DSS) requirements. The role entails the development and implementation of comprehensive strategies to enhance PCI compliance and mitigate risks associated with payment card data handling. Additionally, the Security Analyst I (PCI) collaborate closely with cross functional teams to execute large-scale initiatives aimed at bolstering the organization's overall cybersecurity posture. Success in this role requires a professional with exceptional analytical and problem solving skills, adept at navigating a dynamic and fast-paced environment. Moreover, the ideal candidate possesses a genuine passion for cybersecurity and demonstrates proficiency in related technologies and methodologies.Job Advert Details
Job Category IT
Job ObjectivesPCI Compliance Management:
Monitor, assess, and ensure adherence to PCI DSS requirements across all relevant systems and processes.
Conduct regular audits and assessments to identify areas of non-compliance and implement corrective actions.
Maintain documentation and evidence of compliance efforts for auditing purposes.Risk Assessment and Mitigation:
Identify potential security risks and vulnerabilities related to payment card data handling.
Collaborate with cross-functional teams to develop and implement risk mitigation strategies.
Conduct periodic risk assessments to proactively address emerging threats and vulnerabilities.Security Controls Implementation:
Implement and maintain security controls and measures to protect payment card data.
Configure and monitor security tools and technologies to detect and prevent unauthorized access or breaches.
Ensure encryption, access controls, and other security mechanisms are effectively deployed and enforced.Incident Response and Management:
Respond to security incidents and breaches related to payment card data promptly and effectively.
Coordinate with internal teams and external stakeholders to contain and remediate security incidents.
Conduct post-incident analysis and implement improvements to prevent recurrence.Security Awareness and Training:
Provide training and guidance to employees on PCI DSS requirements and best practices.
Raise awareness about the importance of safeguarding payment card data and maintaining compliance.
Foster a culture of security consciousness and accountability throughout the organization.
QualificationsDiploma / Degree in computer science, cybersecurity, or any related field.
Recognised industry certifications in cybersecurity such as PCI Professional (PCIP), Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM).
Experience+2 years of experience in cybersecurity, with solid experience across a variety of security products including firewalls, EDR, SIEM, WAF, IAM, PAM, DLP and encryption solutions.
Hands on knowledge of Information Security standards, architecture, and models.
Experience in Incident Response: including the ability to document security threats, resolve technical faults and allocate resources to deliver the applicable solutions.
Solid understanding of security frameworks (NIST Cybersecurity Framework, ISO Standards and MITRE Framework) and risk management methodologies.
Demonstrated experience in information security, with a focus on PCI compliance and payment card data protection.
Strong understanding of PCI DSS requirements and their application in different organisational contexts.
Proficiency in security tools and technologies for vulnerability assessment, intrusion detection, and incident response.
Excellent communication and collaboration skills to work effectively with internal teams and external partners.
Knowledge and SkillsInformation Security Management - analyses system or data governance processes, security incidents, threats, and vulnerabilities with specific reference to business owners of information security and procedural oversight and accountability, as well as the possible impact of these on business solutions and the required remediation solutions to inform cybersecurity policies, standards, best practices, tracking regulatory compliance and performance metrics.
Technical aptitude with a passion and excitement for cyber intelligence systems.
Problem-solving skills - Able to collect, organise and assimilate disparate, multiple and complex security threats or flaws within an environment to swifty arrive at solutions.
High level of self-motivation and drive to meet and exceed on goals and expectations and engage and energise others to deliver on expectations. Comfortable taking decisions and dealing with a range of problem-solving challenges independently.
Detailed, organised and quality focused - Has an affinity for detail, structure and efficiency, balancing planning and execution. Is diligent and vigilantly watches over work processes, tasks and outputs to ensure accuracy while independently actioning and correcting any quality concerns.
Strong communication skills - Is able to confidently explain and simply complex IT security concepts and their real-world advantages/disadvantages to a diverse business audience.
A Collaborative partner - Works effectively across functions and as part of a multi-disciplinary team.
Is collaborative and able to build sound, professional relationships with internal and external stakeholders.
Ability to work under pressure and under tight time constraints, efficiently prioritising workloads, balancing multiple and competing priorities and managing time effectively in a high-volume, fast- moving environment. Enjoys challenging work and has the proven ability to effectively adapt to and manage change.
Is curious and adaptable, finds agile and rapid ways of answering business questions and implementing solutions fast.

Shoprite Holdings