IT Security Analyst

Are you determined to go further as a Difference Maker? SAICA has a perfect opportunity to take you further on your journey of being a Difference Maker.

SAICA has embarked on an exciting transformation to become an insights-driven, technology-enabled, and AI-powered organisation. As part of our journey, we are streamlining processes, enhancing our digital capabilities, and strengthening our focus on sustainability in the accounting profession.This transformation presents an opportunity for you to grow and contribute to SAICA’s vision in a redefined, future-fit role. We are looking for enthusiastic, skilled professionals who are eager to innovate, embrace data-driven decision-making, and help shape the future of the profession.

If you are ready to be part of this next chapter, make a meaningful impact, and you are a suitably qualified and experienced Difference Maker wanting to go further on this exciting journey, you are encouraged to apply.

Purpose of the job

The IT Security Analyst role is to protect SAICA’s information systems, networks, and data by detecting vulnerabilities, monitoring for security threats, and addressing incidents. This position necessitates the capability to design and apply security protocols, perform security evaluations, and collaborate with different teams to secure the organization's digital resources from cyber threats. The IT Security Analyst will beinstrumental in safeguarding against data breaches, malware, ransomware, and other cyberattacks, while also ensuring adherence to applicable security standards and regulations.

Key/main outputs

Output 1: Security Monitoring & Threat Detection

• Monitor network traffic and security alerts to identify potential threats, vulnerabilities, and breaches.
• Utilize security information and event management (SIEM) tools to analyze data, identify trends, and detect unusual activity.
• Respond promptly to security incidents and coordinate the investigation and resolution of potential threats

Output 2: Risk Assessment & Vulnerability Management

• Conduct regular security assessments, vulnerability scans, and penetration testing to identify weaknesses in the organization’s systems and networks.
• Recommend and implement solutions to mitigate identified vulnerabilities and reduce security risks.
• Collaborate with IT teams to ensure the timely patching and updating of security vulnerabilities.

Output 3: Incident Response & Remediation

• Develop, implement, and manage incident response protocols and procedures.
• Investigate and respond to security breaches, including containment, eradication, and recovery from security incidents.
• Conduct post-incident analysis and provide recommendations for future prevention.

Output 4: Security Policy & Compliance

• Ensure that the organization’s IT systems comply with relevant industry standards, regulations, and frameworks (e.g., POPIA, PCI-DSS, NIST, ISO 27001).
• Assist in the development and enforcement of IT security policies, procedures, and best practices across the organization.
• Maintain and audit access controls, ensuring that users and systems have appropriate levels of access based on security policies.

Output 5: Security Architecture & Design

• Collaborate with IT teams to design and implement secure systems, networks, and applications.
• Review and recommend improvements to the SAICA’s security architecture to ensure the protection of sensitive data and systems.
• Work on encryption, identity management, and other security measures to protect digital assets.

Output 6: Security Awareness & Training

• Conduct training and awareness programs to educate SAICA employees about best practices in IT security and the importance of cybersecurity.
• Develop materials and provide support to help staff recognize phishing, social engineering, and other common cybersecurity threats.

Output 7: Collaboration & Reporting

• Collaborate with cross-functional teams (e.g., IT, legal, compliance) to ensure the organization's cybersecurity posture is robust and aligned with business objectives.
• Provide regular reports to management on the status of security incidents, vulnerabilities, compliance efforts, and security initiatives

Output 8: Continuous Improvement

• Stay current with emerging security threats, trends, and technologies by continuously improving knowledge of the latest cybersecurity practices and tools.
• Participate in regular cybersecurity drills, threat simulations, and ongoing professional development activities.

Output 9: Embrace and drive organisational transformation

• Actively contribute to cost containment efforts by identifying opportunities for operational efficiencies, optimising resources, and ensuring value-driven decision-making in daily activities.
• Support SAICA’s transformation into an insights-driven organisation by leveraging data and analytics to enhance decision-making, improve processes, and drive continuous improvement in your area of work.
• Effectively utilise digital tools and technology to enhance productivity, streamline workflows, and improve service delivery. Stay informed about new and emerging technologies relevant to your role.
• Adopt and embrace AI-driven tools and automation to enhance efficiency, accuracy, and effectiveness in job-related tasks, while continuously seeking opportunities to improve processes through innovative technology solutions.
• Identify and support SAICA’s management of risks related to sustainability, including environmental risks, regulatory changes and social risks and integrating them into business continuity and risk management plans.