Cyber Security Engineer at takealot.com

Your mission, should you choose to accept it:

• Performing penetration tests of Takealot Group applications, networks and systems.
• Designing and implementing technical solutions to enhance defensive security measures.
• Providing mentorship and guidance on security practices within the organisation.
• Deploying, managing, and monitoring security tools such as SIEM, IPS/IDS, and UEBA.
• Responding to and or managing security incidents as per standards and playbooks.
• Continuously striving to enhance security auditing and monitoring capabilities.
• Creating custom applications designed to detect and alert on potential security threats.
• Collaborating with broader engineering teams to ensure the security of platforms, applications, and networks.
• Strengthening server security and integrating security measures into the platform architecture.
• Developing automation scripts to address complex security challenges efficiently.
• The role requires flexibility in support responsibilities, including on-call availability for time-sensitive technical matters. This involves [e.g., "responding to system alerts, resolving urgent client issues, or assisting with deployment challenges"]. The team ensures clear protocols and collaborative workflows to manage demands effectively.

The skills we need:

• Passionate about technology and security 
• Curious, always learning, and keeps up to date with current security affairs 
• A team player, an active listener, a mentor, and able to communicate well 
• Shows solid reasoning and decision-making
• Possesses the ability to work under pressure
• A passion for open source technologies

Qualifications & Experience:

• A formal qualification/degree in Computer Science or Engineering would be advantageous with 3+ years of experience or 4-5 years of professional experience in a security or similar role with a combination of certifications such as (OSCP, CEH, CISM, CISSP, etc.).
• Experience with contributing to bug bounty programs such as HackerOne, or professional experience in performing and reporting on penetration tests or Red Team engagements
• Solid, working understanding of Open Source Operating Systems and Applications 
• Working knowledge and experience of a programming language such as Python
• Solid, working understanding of Networking (TCP, UDP, IP, nmap, wireshark, etc.) 
• Solid, working understanding of web technologies (HTTP, HTTPS, SSL, TLS)
• Experience with IAM systems and access governance 
• Experience with WAF (Cloudflare) 
• Experience with Google Cloud or a similar cloud provider, such as AWS or Azure 
• Experience with Kubernetes, Docker, or containers in general (Is a plus) 
• Experience with defensive systems (SIEM, IDS/IPS, Canaries, Fail2Ban, etc.)
• Understanding of CI/CD pipelines
• Working knowledge of Automation workflows