Security Engineer

Full Time
  • Full Time
  • Remote
  • Salary: R 35 000 - R45 000 p/m

Security Engineer  -Job Description 

Purpose:  

The Security Engineer will focus on provisioning and deploying cloud-based security  solutions for clients that meet regulatory obligations and data protection requirements as  well as align with business and corporate security strategy. The Security Engineer will work  collaboratively with security architects to implement security controls and safeguards  compliant with approved architecture frameworks and standards.

Key responsibilities and accountabilities: 

  • Provides the most effective method of service delivery by analysing trends and  common security themes within the industry and applying these to client  configurations. 
  • Create deliverables to address customer needs & support mobile-first, cloud-first  strategy and share intellectual property with others. 
  • Seeks information about the underlying needs of customers. 
  • Builds plans that consider potential obstacles and immediate and long-term  consequences. 
  • Demonstrates expertise in a specific solution, or several products, feature functions  or services. 
  • Provides stakeholder assistance throughout deployment to avoid/resolve technical  issues. 
  • Seeks opportunities to drive customer success and business results by collaborating  with multiple team members. 
  • Modifies and delivers existing intellectual property (IP) or, where applicable, creates  new content. 
  • Identifies business and technical risks on projects, assesses their impact and  proposes mitigations and contingencies. 
  • Contribute & participate with meetings to articulate security offerings to all  customers; share knowledge thru communities, adapt for customers. 
  • Cultivates relationships, credibility, and loyalty with customers and partners  intentionally by sharing relevant business expertise.

Qualifications & Experience:  

  • Diploma in Information Technology or related field.  
  • BSc in Computer Science, Engineering or relevant field will be beneficial. Microsoft Certified: Azure Security Engineer Associate. 
  • AWS or other cloud platform certification considered an asset. 
  • CISSP, CISA, CISM, Security+ or other relevant security related designation(s)  appreciated, but not required. with DevOps an advantage 
  • At least 5 years of experience working with customers in any of the following:  providing technical readiness and training, delivery of support services, on-premises  and remote technical support, solution development, security configurations or  technical requirements gathering.

Skills and knowledge:  

  • At least 2 years of security related experience with any of the following security domain  technologies: 
  • Azure and Cloud Security Engineering 
  • Azure Security Infrastructure, Databases, Networking, Virtual Machines
  •  Azure Secrets and Keys 
  • Azure Identity 
  • Troubleshooting of data logging and audit, security monitoring 
  • Azure Governance and Compliance 
  • Microsoft Defender for Identity 
  • Azure Sentinel (an advantage) 
  • Microsoft Client/Server Operating Systems Security, including related  services (e.g. Certificate Authority, authentication/authorization  mechanisms, encryption, health attestation) 
  • Microsoft Security recommendation experience (e.g. Securing Privileged  Access, Credential Theft Mitigations) 
  • Azure Security Services (e.g. Azure Advanced Threat Protection, Azure  Information Protection, Azure Security Center, Azure Log Analytics) 
  • Security Threat Landscape experience including advanced attack vectors  and tools (e.g. Pass the Hash, Golden Ticket, ransomware) 
  • Infrastructure Security experience with competitive cloud security technologies,  cloud security platforms, or any of the following: 
  • Cloud workload protection 
  • Threat protection
  • WAF (Web Application Firewall) 
  • Stateful firewall. (NG Firewall) 
  • Data encryption and protection key services. 
  • SIEM, and Cloud Security Analytics 
  • Security Orchestration, Automation, and Response (SOAR) 
  • Security Operation Center 
  • Identity and Access Management 
  • Microsoft 365 Security 
  • Microsoft Defender for Office 365 
  • Microsoft Defender for Endpoint 
  • Compliance 
  • Records Management 
  • eDiscovery/Advanced eDiscovery 
  • Data Loss Prevention 
  • Information Governance 
  • Information Protection 
  • Insider Risk Management 
  • Security 
  • Advanced Hunting 
  • Simulation Training 
  • Threat Analytics 
  • Investigations 
  • Modern Management – Mobility and Security Solutions in any of the following: o Microsoft Intune 
  • Azure Active Directory (AAD) 
  • Microsoft Cloud App Security (MCAS) 
  • Advanced Threat Analytics 
  • Defender for O365 
  • Microsoft Endpoint Configuration Manager. 
  • Endpoint Management Security related technologies: 
  • Microsoft Enterprise Mobility Suite + Security (EMS), 
  • Active Directory/Identity 
  • Windows Defender Advanced Threat Protection (D-ATP) 
  • Office 365 Advanced Threat Protection
  • Other endpoint security solutions and comprehensive threat protection  technologies

Competencies:

  • Critical thinking: using logic and reasoning to identify the strengths and weaknesses  of alternative solutions, conclusions or approaches to problems. 
  • Active learning: understanding the implications of new information for both current  and future problem-solving and decision-making. 
  • Systems analysis: determining how a system should work and how changes in  conditions, operations, and the environment will affect outcomes. 
  • Systems evaluation: identifying measures or indicators of system performance and  the actions needed to improve or correct performance, relative to the goals of the  system. 
  • Deductive reasoning: the ability to apply general rules to specific problems to  produce answers that make sense. 
  • Inductive reasoning: the ability to combine pieces of information to form general  rules or conclusions (includes finding a relationship among seemingly unrelated  events). 
  • Communication skills: ability to engage with high-level stakeholders, both verbal and  non-verbal. 
  • Information ordering: the ability to arrange things or actions in a certain order or  pattern according to a specific rule or set of rules (e.g., patterns of numbers, letters,  words, pictures, mathematical operations). 
  • Selective attention: the ability to concentrate on a task over a period without being  distracted.

Other:

  • Valid drivers’ licence and own means of transport.  
  • Ability to adapt to constantly changing environment and quickly build understanding  of the business and IT context/landscape. 
  • Ability to work under pressure in terms of strict deadlines and complex work  environments. 
  • Drive own delivery of projects to meet deadlines.

To apply for this job please visit www.jcmconsult.co.za.

Share This