Security Engineer -Job Description
The Security Engineer will focus on provisioning and deploying cloud-based security solutions for clients that meet regulatory obligations and data protection requirements as well as align with business and corporate security strategy. The Security Engineer will work collaboratively with security architects to implement security controls and safeguards compliant with approved architecture frameworks and standards.
Key responsibilities and accountabilities:
- Provides the most effective method of service delivery by analysing trends and common security themes within the industry and applying these to client configurations.
- Create deliverables to address customer needs & support mobile-first, cloud-first strategy and share intellectual property with others.
- Seeks information about the underlying needs of customers.
- Builds plans that consider potential obstacles and immediate and long-term consequences.
- Demonstrates expertise in a specific solution, or several products, feature functions or services.
- Provides stakeholder assistance throughout deployment to avoid/resolve technical issues.
- Seeks opportunities to drive customer success and business results by collaborating with multiple team members.
- Modifies and delivers existing intellectual property (IP) or, where applicable, creates new content.
- Identifies business and technical risks on projects, assesses their impact and proposes mitigations and contingencies.
- Contribute & participate with meetings to articulate security offerings to all customers; share knowledge thru communities, adapt for customers.
- Cultivates relationships, credibility, and loyalty with customers and partners intentionally by sharing relevant business expertise.
Qualifications & Experience:
- Diploma in Information Technology or related field.
- BSc in Computer Science, Engineering or relevant field will be beneficial. • Microsoft Certified: Azure Security Engineer Associate.
- AWS or other cloud platform certification considered an asset.
- CISSP, CISA, CISM, Security+ or other relevant security related designation(s) appreciated, but not required. with DevOps an advantage
- At least 5 years of experience working with customers in any of the following: providing technical readiness and training, delivery of support services, on-premises and remote technical support, solution development, security configurations or technical requirements gathering.
Skills and knowledge:
- At least 2 years of security related experience with any of the following security domain technologies:
- Azure and Cloud Security Engineering
- Azure Security Infrastructure, Databases, Networking, Virtual Machines
- Azure Secrets and Keys
- Azure Identity
- Troubleshooting of data logging and audit, security monitoring
- Azure Governance and Compliance
- Microsoft Defender for Identity
- Azure Sentinel (an advantage)
- Microsoft Client/Server Operating Systems Security, including related services (e.g. Certificate Authority, authentication/authorization mechanisms, encryption, health attestation)
- Microsoft Security recommendation experience (e.g. Securing Privileged Access, Credential Theft Mitigations)
- Azure Security Services (e.g. Azure Advanced Threat Protection, Azure Information Protection, Azure Security Center, Azure Log Analytics)
- Security Threat Landscape experience including advanced attack vectors and tools (e.g. Pass the Hash, Golden Ticket, ransomware)
- Infrastructure Security experience with competitive cloud security technologies, cloud security platforms, or any of the following:
- Cloud workload protection
- Threat protection
- WAF (Web Application Firewall)
- Stateful firewall. (NG Firewall)
- Data encryption and protection key services.
- SIEM, and Cloud Security Analytics
- Security Orchestration, Automation, and Response (SOAR)
- Security Operation Center
- Identity and Access Management
- Microsoft 365 Security
- Microsoft Defender for Office 365
- Microsoft Defender for Endpoint
- Records Management
- eDiscovery/Advanced eDiscovery
- Data Loss Prevention
- Information Governance
- Information Protection
- Insider Risk Management
- Advanced Hunting
- Simulation Training
- Threat Analytics
- Modern Management – Mobility and Security Solutions in any of the following: o Microsoft Intune
- Azure Active Directory (AAD)
- Microsoft Cloud App Security (MCAS)
- Advanced Threat Analytics
- Defender for O365
- Microsoft Endpoint Configuration Manager.
- Endpoint Management Security related technologies:
- Microsoft Enterprise Mobility Suite + Security (EMS),
- Active Directory/Identity
- Windows Defender Advanced Threat Protection (D-ATP)
- Office 365 Advanced Threat Protection
- Other endpoint security solutions and comprehensive threat protection technologies
- Critical thinking: using logic and reasoning to identify the strengths and weaknesses of alternative solutions, conclusions or approaches to problems.
- Active learning: understanding the implications of new information for both current and future problem-solving and decision-making.
- Systems analysis: determining how a system should work and how changes in conditions, operations, and the environment will affect outcomes.
- Systems evaluation: identifying measures or indicators of system performance and the actions needed to improve or correct performance, relative to the goals of the system.
- Deductive reasoning: the ability to apply general rules to specific problems to produce answers that make sense.
- Inductive reasoning: the ability to combine pieces of information to form general rules or conclusions (includes finding a relationship among seemingly unrelated events).
- Communication skills: ability to engage with high-level stakeholders, both verbal and non-verbal.
- Information ordering: the ability to arrange things or actions in a certain order or pattern according to a specific rule or set of rules (e.g., patterns of numbers, letters, words, pictures, mathematical operations).
- Selective attention: the ability to concentrate on a task over a period without being distracted.
- Valid drivers’ licence and own means of transport.
- Ability to adapt to constantly changing environment and quickly build understanding of the business and IT context/landscape.
- Ability to work under pressure in terms of strict deadlines and complex work environments.
- • Drive own delivery of projects to meet deadlines.
To apply for this job please visit www.jcmconsult.co.za.