HSM / PCI Administrator (C5)


Job Title HSM / PCI Administrator (C5)
(Position based in Head Office: Pretoria)
Reports to Head: IT Cryptography
The person in this position will be responsible for installing, configuration, support and maintenance of the Hardware Security Module (HSM).
Performance of day to day aspects include scoping review and validation, conducting periodic review exercises, maintaining compliance artefacts,
identifying new or enhancing existing controls to mature the overall security posture, and partnering with IT and business stakeholders to maintain
Postbank’s PCI compliance.
Managerial and administrative Support
 Report writing
 Document Management
 Presentation of results
Solution Design, Configuration and Support
 Mitigate security risks and threats using industry standard
 Conduct security vulnerability assessments and ensure that
systems are regularly patched and maintained
 Analyze information systems to ensure that appropriate
security functions have been implemented in the systems
design and architecture
 Provide security and technical architecture guidance on HSM
and data encryption solutions
 Generate and manage security encryption keys
 Installation, maintenance, and support of HSM
 Perform queue manager backup and recovery in the HSM
 Monitoring problems and escalating to vendor when needed.
 Document procedures for Disaster Recovery purposes
 Define hardware configurations
 Document configurations and key ceremony procedures
 Perform hardware and software upgrades and patches
PCI Administration
 Work with all relevant departments to coordinate the
gathering, approval and storage of PCI evidence that will be
used as input to the PCI Report on Compliance and Self-
Assessment Questionnaire.
 Support PCI security awareness program
 Support execution of internally performed and 3rd party audit
activities in accordance with the PCI DSS.
 Interface with Internal Controls, Internal Audit and External
Auditors as required to satisfy any audit related policy and
compliance deliverables or work items.
Skills &

Minimum Requirements
 National Diploma in Information Technology (NQF Level 6)
 Professional Security Certification (e.g. CISSP) will be an
added advantage
 1 – 2 years of experience in information security or related IT
 PKI experience with Certificate Authority, Certificate
Enrolment Web Service, Revocation servers & HSMs will be
added advantage
 Working experience with cryptographic solutions (including
authentication, encryption, hashing, tokenization & signing)
across applications, backup, database, endpoint device,
email, file, network, removable media and storage domains
Knowledge and understanding of:
 Knowledge of cryptographic algorithms, protocols,
implementation and standards (e.g., AES, CMS, DES/TDES,
DH, DNSSEC, ECC, IBE, Kerberos, IPsec, MD5, OpenSSL,
 Troubleshooting of digital certificate related issues
 Ability to facilitate key ceremonies
 Hands on experience/working knowledge with Unix/Linux,
Wintel, Storage Technologies solutions and tools
 Banking/Financial services industry experience will be and
added advantage
 Familiarity with all requirements of the PCI DSS compliance.
 Functional understanding and working knowledge of security
principles, standards and processes, such as authentication
and access control, secure configuration, network
segmentation and traffic analysis, endpoint security, platform
architecture, application security, encryption and key
management, change management, cloud security
 Communication Skills ( written and verbal)
 Procedure development skills
 Strong interpersonal skills
 Planning and organizing skills
 Ability to function independently
 Customer orientation
 Professional, influential and highly motivated
 Problem solving skills
 Ability to work under pressure
 Ability to produce timely
Physical Mobility (including impact of physical constraints)
 Valid Code B Driving License
 Should be prepared to travel to sites, work overtime and do
 Installing, configuration, support and maintenance of the
Hardware Security Management (HSM), Assist with the
evaluation, design and delivery of major new Crypto security
technologies of Postbank, Conduct security vulnerability
assessments and ensure that systems are regularly patched
and maintained, Generate and manage security encryption
keys, Understanding of Information Security frameworks and
best practices (e.g. ISO, NIST)
 Should function independently with minimum supervision
 Should be guided by the IT Infrastructure policies and
The South African Postbank SOC Limited is committed to achieving and maintaining of diversity and equity in employment, especially with
regard to race, gender and disability. In compliance with the banks employment equity plans, first preference will be given to candidates
from designated groups. Correspondence will be limited to short listed candidates only.
If you wish to apply, please forward your Curriculum Vitae (CV) to recruitmentSN@postbank.co.za Please indicate in the subject line the
position you are applying for. To view the full position specification, log on to www.postbank.co.za and click on Careers.
Closing Date: 18 June 2021
Position Number: 60066384
Cost Centre: 50800
Correspondence will be limited to short-listed candidates only. If you do not hear from the South African Postbank within 3 months of this
advertisement, please accept that your application has been unsuccessful. The South African Post Office Limited reserves the right not to
fill this position or to re-advertise the positions at any time.