Senior Security Engineer L4

Nov 15, 2023

Senior Security Engineer L4
Role Purpose:
The Principal Security Professional is responsible for the support & maintenance of the organization’s information security, this will include acting as a technical lead, cybersecurity architect and provide strategic into the organization’s roadmap.

Qualifications:

  • Bachelor’s Degree in IT or similar qualification.
  • Certifications in Information Security are required.
  • CISSP
  • CISM

Key Performance Areas would include, but are not limited to:

  • Analyze, test, troubleshoot and support client’s cybersecurity investment.
  • Monitor the performance and security of infrastructure, applications, and operations with the Protects information assets by developing security strategies, directing system access control, monitoring, and response.
  • Perform system and account administration tasks.
  • Contribute to, maintain, and document system architecture, standards, and procedures.
  • Adhere to and identify solutions that streamline the internal workflow.
  • Maintain the software license register and periodically re-verify existing license validity.
  • Assists in Information Security projects to align with organizational strategic objectives, goals, and risk tolerance.

Key Outputs:

  • Implement and regularly review automated monitoring cybersecurity for all infrastructure and application services.
  • Maintain detailed infrastructure documentation, including an incident register for all cybersecurity incidents & outages.
  • Maintain an up-to-date software license register, following pre-defined SOPs.
  • Manage real-time infrastructure incidents to minimize operational business impact and maximize availability with the relevant cybersecurity service providers.
  • Perform preventative and reactive maintenance to ensure required availability of services, in line with business needs, whilst adhering to defined change management principles.
  • Ensure that the relevant service providers process support requests within SLA.
  • Perform system and account administration tasks within SLA.
  • Perform project-based activities as directed by the IT project manager.
  • Provide detailed & accurate estimates and feedback to the business as required.

Functional Requirements:

  • Review existing software license allocations to ensure optimal use.
  • Review cybersecurity infrastructure and application monitoring for potential improvements
  • Produce a monthly dashboard of pertinent security metrics.
  • Produce a monthly reporting of pertinent cybersecurity metrics both technical and executive.

The successful candidate must have the following experience/skills:

  • A minimum of 5 years of experience performing cybersecurity support duties.
  • A minimum of 2 years’ experience in at least five of the following: access control systems and methodology; business continuity and disaster recovery planning; risk, response, and recovery; network security architecture; security management practices; audit and monitoring; enterprise and IT risk assessments; incident response management.
  • Experience and expertise in managing and administering infrastructure and data systems.

Knowledge:

  • Experience with standards and best practices such as POPI, GDPR, SOC 2, PCI compliance
  • Ability to work effectively in a multi-disciplinary, collaborative team environment or independently with minimal direction.
  • Display high-energy, self-motivation, flexibility, and an ability to multitask and prioritize demands in a fast-paced environment.
  • Must possess a keen attention to detail and an ability to work effectively under pressure, and during non-core hours.
  • Excellent customer service skills and an ability to clearly explain technical issues to non-technical persons.
  • Must be able to communicate clearly and professionally via phone, email and in person.
  • Must be a very organized individual with the ability to clearly document their work in accordance with office procedures.

Tech Skills
Control Area

  • MFA
  • Web Proxy (SASE)
  • Sandbox
  • Identity and Access
  • Perimeter and Data Centre Security
  • Vulnerability Management
  • Vulnerability Management
  • Web Application Firewalling
  • Web Application Firewalling
  • Jumphost
  • DLP Classification
  • Email Security
  • PAM
  • Firewall Assurance
  • Cloud
  • Endpoint Protection
  • SIEM

Technology

  • Cisco DUO
  • Netskope
  • Thinkst Canary
  • Active Directory
  • FortiGates/FortiAnalyzer
  • Qualys VMDR
  • Nessus
  • FortiWeb
  • CloudFlare
  • ObserveIT
  • Varonis
  • Mimecast
  • SailPoint
  • Tufin
  • Microsoft Azure, AWS
  • Trellix Endpoint Protection
  • Trellix, Microsoft Sentinel, Splunk

Desired Skills:

  • CyberSecurity
  • CISSP
  • CISM

Learn more/Apply for this position