IT Security Analyst

Vitality Group, a subsidiary of Discovery Limited is responsible for the expansion of the Vitality Shared-Value Insurance business model beyond South Africa and the UK, serving to fully leverage the assets and intellectual property of Discovery beyond its primary markets. The business forms equity or contractual partnerships with leading global insurers to integrate Vitality and shared value with partner’s insurance and financial services products in the markets where they operate. Vitality Group also operates a business providing wellness solutions to employer groups in the United States. Vitality Health International, a business unit within Vitality Group coordinates and focuses on resource allocation to Discovery’s emerging, global health insurance initiatives. Vitality Group is also responsible for Discovery’s 25 percent equity investment in Ping An Health, the largest comprehensive medical insurer in China.

To date, Vitality Group’s businesses jointly reach more than 20 million lives across 40 markets (Argentina, Austria, Australia, Brazil, Canada, China, Ecuador, France, Germany, Hong Kong, Indonesia, Italy, Japan, Macao, Malaysia, Mexico, Netherlands, New Zealand, Pakistan, Philippines, Portugal, Saudi Arabia, Singapore, South Korea, Spain, Sri Lanka, Thailand, the United States and Vietnam) as well as our primary markets in South Africa and the United Kingdom.

Key Outputs may include but are not limited to:

• In coordination with the IT engineering team, harden systems and ensure systems are up to date.
• Perform internal cyber security audits and facilitate external audits.
• Work with 3rd party vendors to run vulnerability scans and pen tests as well as assist in developing remediation projects based on the findings.
• Conduct peer cyber security reviews before applications, systems, or integrations go live.
• Facilitate timely delivery of PCI_DSS and SSAE 18 SOC 2 Type audits
• Develop, train, and communicate, and keep current information security policies and procedures
• Collect and schedule annual Penetration testing and manage the remediation process for any findings
• Perform interactive exercises to measure the effectiveness of our systems and training.
• Analyze and apply applicable information from intelligence reports
• Monitor the environment for suspicious activity utilizing various security tools and log consolidators
• Contribute to the design and participate in disaster recovery and business continuity plans
• Conduct legal hold actions and perform investigations when required
• Review information security awareness training and track completion and effectiveness for all team members
• Additional duties as assigned
• Document and classify security events and incidents. Act as the first responder to triage and remediate events

Requirements

Required Skills:

• At least 1 years’ experience in the security industry is preferred
• At least 1 years’ experience in a technical IT capacity is preferred-Preferred (would be advantageous)
• 1 year or more experience in an active IT Security role is preferred
• Bachelor’s degree in Cyber Security, Computer Information Science, Computer Science, or other closely related fiel
• Candidates with certifications in or busy with CISSP, CASP, Sec+, CEH, CISM, and CRISC are desired

Technical Skills or Knowledge

• Experience or a good understanding with security and governance frameworks such as NIST, HITRUST, COBIT, C2M2, etc
• Preferred (would be advantageous)
• Exposure and a good understanding of SOC and PCI audits is preferred
• Knowledgeable in cryptographic communication and storage protocols
• Knowledgeable in networking design and protocols
• Experience with security and governance frameworks such as NIST, COBIT, C2M2, etc
• Experience with system hardening
• Experience with penetration testing and mapping software
• Experience with log and event analysis toolsets
• Experience with investigation protocols and discovery techniques
• Experience with packet capture analysis

Vitality is an equal opportunity employer. All employment decisions are based on qualifications, merit and business needs.

Benefits

• Health Care Plan (Medical, Dental & Vision)
• Retirement Plan (401k, IRA)
• Life Insurance (Basic, Voluntary & AD&D)
• Paid Time Off (Vacation, Sick & Public Holidays)
• Family Leave (Maternity, Paternity)
• Short Term & Long Term Disability
• Wellness Resources
• Training & Development