Infrastructure - Security Engineer at Stonehage Fleming

WORKING RELATIONSHIPS

• The position reports to the Lead Security Architect and is based in Cape Town. Other working relationships include all members of the IT team, all users’ worldwide and external suppliers.

Key Responsibilities    
OVERALL PURPOSE
The overall purpose of this position is to:

•  Lead the management, deployment and operation of a portfolio of cutting-edge security solutions 
•  Monitor security events and incidents and assess impact of published vulnerabilities in our environment
•  Detect, hunt and automate events handling, detect malicious activity, improve detection rules and use cases
•  Investigate events and incidents to determine risk and severity autonomously and with our MDR partner
•  Define remediation plans and work closely with IT Engineering to rebuild/remove exposed components
•  Continuous review of incidents, security posture and systems and enrich external source of intelligence
•  Support the business and work according to ITIL processes for incidents and requests
•  Write both technical and business reports of security events and incidents

QUALIFICATIONS AND EXPERIENCE

•  Qualified to graduate level
•  Minimum 3 years’ experience with Security incident handling
•  Experience in a SOC is a strong an advantage
•  Certifications such as GCIH, GSEC, GCFA, CCNA, MCSA highly valued

Technical Skills 

•  Good experience with alerts arising from SIEM tools
•  Strong interests in hybrid infrastructures and Microsoft 365 and Azure technologies
•  Good knowledge of Microsoft Windows / Server and Linux common offensive techniques
•  Good knowledge of EDR and EPP solutions
•  Knowledge of Public Cloud and Threat Intelligence an advantage
•  Exposure to penetration testing tools, firewalls, routers and switches an advantage
•  Willingness to learn new technologies at a fast pace in a constantly evolving environment
•  Flexibility, well developed sense of organization and personal responsibility
•  Good scripting abilities with good understanding or regular expressions
•  Good knowledge of general IT systems and TCP/IP networking

COMPETENCIES AND BEHAVIOURS

•  Good communications skills, with English at business level
•  Highly organized and able to collaborate with virtual teams
•  Proven analytical and problem-solving abilities
•  Curious and passionate about security, security incidents, detection and threat hunting
•  Ability to effectively prioritise and execute tasks in a high-pressure environment
•  Ability to design and draft creative and cost-effective solutions
•  Result-driven, with a strong sense of service and excellence