  • Posted: Oct 24, 2023
    Deadline: Not specified

    The hearX Group offers the world's first clinical smartphone hearing test solutions. Our award-winning products are used in over 25 countries. Our aim is to impact on an individual, community and global level by creating sustainable, smart solutions for hearing health for everyone.

    Cyber Security Engineer - Pretoria

    Job Purpose:

    • Responsible for company-wide cybersecurity and related documents, process and record management to ensure that systems and products are safe and effective. Ensures data integrity, and that information is kept accurate and consistent unless authorized changes are made (and documented), and that confidentiality is upheld by protecting information from unauthorized access. Responsible for cybersecurity compliance and training throughout the Company. As our Senior Cybersecurity Engineer, you'll support us by taking the lead on cybersecurity and working with the team to perform ongoing operations, administration, and development of security systems, as well as implementing fixes that would protect our systems. You will continuously work towards high-confidence, high-accuracy detection rules leveraging abnormal or suspicious events.


    Minimum education (essential): 

    • Engineering degree (Computer, Software or Electronic)

    Minimum education (desirable): 

    • CISM (Certified Information Security Manager) or CISSP (Certified Information Systems Security Professional) or CCSP (Certified Cloud Security Practitioner)
    • ITIL Certified

    Minimum applicable experience (years):

    • Minimum 5 years experience in Technology & Software
    • Minimum 3 years experience in Cybersecurity

    Required nature of experience:

    • 3 years in any of: Scala, Go, Java, NodeJS / JavaScript / TypeScript / Ruby
    • AWS' ecosystem
    • AWS Well Architected Framework
    • Trusted Advisor
    • GuardDuty / SCP / SSM / IAM / WAF
    • Container services such as ECS/EKS.
    • Experience drafting and implementing security policies, security procedures, security design and implementation
    • Experience with incident detection and management, including penetration tests and vulnerability scans

    The following experience/knowledge would be advantageous: 

    • ISO 14971 (risk management) compliance
    • ISO 27032 (cybersecurity) compliance
    • SOC2 Type 2 (with HiTrust attestation) or HiTrust experience (or equivalent)

    Skills and Knowledge (essential):

    • Deep understanding of automation, quality engineering, architectural methodologies, principles, and solution design
    • Familiarity with operational observability, including log aggregation, application performance monitoring, etc.
    • Understanding of the following: Linux/Windows server and application administration and configuration, networking, scripting and automation, large scale distributed computing architecture
    • Solid knowledge of IT security (FortiGate firewalls, EDR, IDS/IPS, SOAR (Rapid7), vulnerability scanning (InsightVM), forensics and threat hunting)
    • Understanding of AWS ECS & Kubernetes and Containerisation (Docker/Podman/Containerd) with implementation, support, and design.
    • Knowledge in security classification frameworks like MITRE or the cyber-attack kill chain
    • Good knowledge and understanding of industry standards, memberships, and frameworks such as CIS and ISO-27001

    Essential Competencies:

    • Examining Information
    • Developing Expertise
    • Adopting Practical Approaches
    • Providing Insights
    • Articulating Information
    • Challenging Ideas
    • Making Decisions
    • Taking Action

    Important Competencies:

    • Generating Ideas
    • Exploring Possibilities
    • Developing Strategies
    • Convincing People
    • Conveying Self-confidence
    • Showing Composure
    • Embracing Change 
    • Inviting Feedback
    • Checking Things
    • Following Procedures
    • Managing Tasks
    • Upholding Standards

    Cybersecurity Management (30%)

    • Drive development standards and processes related to cybersecurity compliance
    • Monitor all cybersecurity processes, operations and infrastructure, monitoring internal and external policy and regulatory compliance.
    • Review and evaluate development designs (for existing products and during design phase for new products) to identify gaps in cybersecurity controls, and drive updates to any cybersecurity or compliance documentation.
    • Liaise with internal and external stakeholders to prepare for SOC2 Type I (and future roadmap towards HiTrust). 
    • Drive cybersecurity audit strategy and readiness from a dev, security and devops perspective. 
    • Identify, implement and maintain all security tools and technology.
    • Schedule (and ideally automate) ASV scans and internal vulnerability scans, remediating findings and ensuring accurate & timely reporting to satisfy PCI DSS requirements.
    • Schedule annual Penetration Tests with external supplier(s) and ensure implementation of items identified in remediation plans.
    • Complete required cybersecurity applications and records for large customers and audits, including reporting as required.

    Infrastructure Management (30%)

    • Advise on the planning, installation, monitoring and maintenance of IT systems and infrastructure focused on cyber security.
    • Design and execute short- and long-term strategic plans to ensure infrastructure (cloud, security and devops) capacity meets current and future needs.
    • Develop, execute and oversee procedures, policies and related training plans for cybersecurity project management and infrastructure administration.
    • Conduct research and recommend changes in services, products, protocols, and standards to support development efforts and infrastructure procurement.
    • Define and manage Disaster Recovery Strategy for the organization.
    • Define software and hardware standards in collaboration with stakeholders and owners.
    • Ensure appropriate security levels on network, infrastructure and servers are maintained, ensuring that the IT team follows the requirements set in line with cybersecurity standards.
    • Implement cybersecurity continuous improvement programs.
    • Crisis management - keeping stakeholders informed and actively working with teams to return service in the shortest possible time frame
    • Effective management and optimisation of vendors (where applicable) as well as collaborating with the dev and IT teams as necessary

    Risk Management and Compliance (30%)

    • Collaborate with divisional Product Owners to define and centralise risks and put mitigation measures in place for new and existing products and services, from a cybersecurity and privacy perspective.
    • Improve the automation of security controls.
    • Work closely with the dev team on defining industry-standard processes and system requirements, identifying and proposing fixes to shortcomings in the dev lifecycle.
    • Work with the dev team to ensure that security standards and policies are being set up and configured correctly, ensuring adherence to certifications and best practice.
    • Remediate audit items by putting measures in place to prevent the reoccurrence of findings.
    • Manage internal and external audits as required with relation to cybersecurity.
    • Maintain documentation for cybersecurity-related risks, processes and findings.

    QMS and Documentation (10%)

    • Manage the annual cybersecurity plan and calendar.
    • Proactively keep stakeholders updated on status, progress, risks and problems.
    • Review and approve documented outcomes of Penetration Tests, Remediation Plans and required activities. 
    • Review and approve documented outcomes of Vulnerability Scans, Remediation Plans and required activities.
    • Maintain cybersecurity documents and records in line with certification requirements. 
    • Maintain document bank and matrix for the cybersecurity setup and external customer-audit matrix requests.

    Method of Application

    Interested and qualified? Go to hearX Group on hearxgroup.simplify.hr to apply
