Cloud Security Engineer at Absa

Job Summary

• The Security Cloud Engineer is focused on the research and evaluation of security solutions and technologies, including the design and delivery of security solutions via the formal engagement of the Security Risk and Architecture teams and in rare instances, direct engagement via the business drivers.

Job Description
Key Accountabilities

• Develop and maintain detailed security designs, tools and configuration standard
• Manage security elements
• Security Engineering design and delivery
• Security research and Technology evaluations

Technical Knowledge

• Code - Familiarity with Ansible, Terraform, Python, Atlassian stack essential
• Knowledge and practical experience in one or more of AWS, Azure or other cloud solutions essential
• Excellent understanding of security strategies and technologies including but not limited to secure global network designs, cryptography, remote computing, cloud based technologies, server and application hardening, Web services, AAA, compliance and auditing, secure development lifecycles, software auditing, penetration testing and security monitoring.
• Strong knowledge of information security frameworks and standards such as ISO27001/17799
• Comprehensive grasp of emerging security technologies for mobile & digital channels including core, backend and big data.
• Understanding of mobile and emergent threats in the digital space
• Knowledge of common mobile device and associated application architectures including core infrastructure and applications services as well as peripheral applications/services.
• Functional and developmental knowledge of programming languages
• Knowledge of Identity, federation and authentication technologies (eg SAML, OAUTH)
• Solid understanding of Web Services technologies (eg. XML, .NET, JAVA)

Internal & External IT environment

• Can describe key aspects of strategic system and technology development plans
• Can discuss company’s position vis-à-vis security related trends and outline implications.
• Experienced with consulting on security build guides, tools and configurations.
• Has proven experience in security architectural considerations for cross-functional cross-platform applications
• Familiar with integration and implementation issues and their architectural implications
• Can describe alternative problem-solving approaches and their optimal uses.
• Superior communication skills and ability to interface with both technology and senior management.
• Ability to work concisely when under pressure work with extremely tight timescales

Business knowledge

• Ability to identify specific information security technical build guides and identify specific information security policy/standards/architecture deficiencies within the organisation and develop and drive cross-functional correction strategies.
• Appreciation and integration of how security risk applies to business propositions and not just technology
• Strong understanding of vendor and contract management

Security Management

• Knowledge in multiple information security technologies and their strengths, shortcomings
• Experience with securing information for cross-functional, cross-platform applications
• Monitors marketplace trends, vulnerabilities, emergent threats and audit/control issues
• Knows what should be communicated and when
• Actively seeks ways to understand and mitigate risk
• Able to shift well from task to task

Education And Experience Required

• NQF level 6 B Degree
• Min 5 years’ experience in technology and Security Engineering

Preferred

• B.Sc Computer Science
• Industry & Vendor certifications – SANS, ISACA, Checkpoint, Cisco, RSA etc

Education

• Bachelor's Degree: Information Technology (Required)