Responsibilities
The responsibilities of the Cyber Security Systems Administrator will include but not limited to:
- Security Tools Management: Manage and maintain security tools and technologies, including antivirus software, intrusion detection/prevention systems, and encryption tools.
- Vulnerability Assessment: Conduct vulnerability assessments to identify weaknesses in the NFSA’s IT infrastructure and applications.
- Software Assessment: Conduct in-depth analysis of software, both new and existing, encompassing SAS applications, to assess security vulnerabilities and compliance.
- Patch Management: Assist in the management of security patches and updates to ensure systems are protected against known vulnerabilities.
- Security Documentation: Create and maintain security documentation, including incident reports, security policies, procedures, and security guidelines.
- Security Reporting: Prepare and present regular security reports to management, summarizing the state of security, ongoing threats, possible mitigation and incident trends.
- Security Audits and Compliance: Participate in security audits and compliance assessments, ensuring that the organization adheres to relevant regulations and standards.
- Continuous Improvement: Continuously assess and enhance security processes and procedures to adapt to evolving threats and technologies.
- Security Awareness: Promote a security-conscious culture within the organization by fostering awareness and understanding of cybersecurity issues.
Selection Criteria
In relation to the ‘Responsibilities’ listed above, concisely demonstrate your skills, experience, and achievements against each of the following areas:
- Demonstrated experience as a Cyber Security Analyst, Administrator or similar role.
- Proven experience in information security roles, with a strong understanding of security protocols and standards.
- Extensive knowledge of risk management, incident response, and security best practices.
- Effective communication and interpersonal skills to effectively convey complex security concepts to both technical and non-technical stakeholders.
- Ability to stay updated on the latest cybersecurity threats, technologies, and best practices.