Manager, Network Security (MIS/IT 5) - Regional Office

JOB PURPOSE

Reporting to the Director, ICT, the Manager, Network Security is primarily responsible for ensuring that the Region’s network is secured from both internal and external threats by installing, administering and troubleshooting security solutions. The incumbent will also design new networks and redesign existing networks to ensure a high level of security as well as developing security administration processes. 

CORE FUNCTIONS:

• Develop security administration processes and procedures in accordance with standards, procedures, directives, policies and regulations 
• Participate in the selection and acquisition of additional security solutions and enhancements to the existing security solutions to improve overall security as per the Government of Jamaica Procurement Guidelines 
• Conduct continuous penetration testing, and network audits to ensure compliance with international security standards and network intrusion and prevention detection
• Identify network weaknesses and provides strengthening solutions 
• Monitor network traffic and provide reports on network irregularities and anomalies
• Monitor network usage to ensure compliance with security policies 
• Ensure network security is maintained through continuous monitoring of networks
• Keep up to date with developments in IT security standards and threats
• Document any security breaches and assess the damages 
• Configure and maintain security tools such as firewalls, anti-virus software and patch management systems 
• Design, implement and maintain network security policies, application security, access control and corporate data safeguards 
• Conduct and report on network audits in accordance with established procedures 
• Work closely with System Administrator to design networks and provide recommendations for optimal network security 
• Assess existing networks for security compliance and improvements 
• Ensure that Information Systems are assessed regularly for vulnerabilities and that appropriate solutions to eliminate or otherwise mitigate identified vulnerabilities are implemented 
• Perform security performance testing and reporting and recommends security solutions in accordance with standards, procedures, directives and policies
• Monitor system logs, for systems such as firewalls, intrusion detection/prevention and network traffic for unusual or suspicious activity. Interpret activity and make recommendations for resolution 
• Monitor and assess network security vulnerabilities and threats using various technical and non-technical data and mitigates network security vulnerabilities in response to problems identified in Vulnerability Reports 
• Perform network security evaluation in regular intervals, estimates risks to the Company and recommend remediation activities 
• Conduct research on emerging products, services, protocols and standards in support of security enhancement and development efforts 
• Ensure that all changes to the security solutions comply with approved Change Management policies and standards 
• Apply security controls in support of the Risk Management Programme
• Implement Threat and Vulnerability Assessments to identify security risks and regularly updates applicable security controls 
• Lead in the development of Information Security policies, standards, supporting guidelines and procedures, ensuring alignment with company objectives and appropriate standards 
• Apply response actions in reaction to security incidents, in accordance with established policies, plans and procedures 
• Participate in incident response and recovery efforts and prepares Security Incident Reports as required 
• Contribute to the development of Incident Response Plans in accordance with Security policies and organizational goals 
• Lead and/or participates in security-related projects 

Administrative 

• Contribute to the preparation of the Unit’s budget, Procurement and Operations plans
• Participate in cross-functional projects to ensure information security requirements are incorporated into system/solution designs and security controls are implemented into these systems/solutions 
• Train and or sensitize fellow employees in security awareness and procedures
• Perform any other duties that may be required from time to time 

REQUIRED QUALIFICATION & EXPERIENCE:

• Bachelor’s Degree in Computer Science or Information Technology or related fields
• CISSP, Security+ Certification would be an asset 
• Information Security Certifications, such as CCSA, CEH or equivalent (Desirable)
• Three (3) years hands-on Information Security experience, supporting complex security environments 
• Two (2) years experience in Network Management, System Administration or other related disciplines 

Advanced experience in the following would be an asset: 

• Application and Data Security
• Computer Forensics 
• Incident Management 
• IT Security Architecture
• Network Operations Security
• Vulnerability Management 

REQUIRED KNOWLEDGE, SKILLS & COMPETENCIES:

Core 

• Excellent written and oral communication skills 
• Ability to remain calm under pressure and meet deadlines 
• Ability to work on own initiative 
• Sound diagnostic, problem-solving and critical thinking skills 
• Excellent planning, organizing and prioritizing skills 
• Information gathering and information monitoring 
• Attention to detail and accuracy 

Technical 

• Hands-on knowledge of firewalls, intrusion detection systems, data encryption and other industry-standard techniques and practices 
• Good technical knowledge of network, PC and platform operating systems
• Working technical knowledge of current systems software, protocols and standards 
• Strong knowledge of TCP/IP and network administration/protocols
• Hands-on experience with networking devices 
• Good understanding of Project Management principles 
• Good understanding of the requirements of ISO27001 
• Ability to deal with diverse and complex issues 

SPECIFIC CONDITIONS ASSOCIATED WITH THE JOB:

• May be required to work beyond normal working hours, including weekends and public holidays 
• Ability to work under pressure and with minimum supervision 
• Light physical exertion – the ability to lift up to 50 lbs 
• Will be required to walk, sit or stand for extended hours 
• On twenty-four (24) hour calls due to the nature of the job 
• Required to respond promptly to emergency calls/situations at short notice, particularly during the night 
• Will be required to travel within and outside of the parish 
• Will be required to travel throughout the Region to execute duties 

ONLY SHORTLISTED APPLICANTS WILL BE CONTACTED