IT Security Engineer at Truworths

ROLE PURPOSE

We are looking to add a Security Engineer to drive Truworths’ initiatives that protect the security of our clients and employees across continents. In this role, you will work closely with the IT Security Manager, IT Security Architect, IT, Legal/Compliance, and other engineers to help create solutions to complex security problems. You will mainly focusing on maintaining critical security infrastructure that supports day to day security operations. This includes ensuring that the infrastructure and platforms are functioning; key security endpoint agents are operational, managing policies across various endpoint and network controls, ensuring control content is tested and up to date, and day to day standard IT activities. 

KEY RESPONSIBILITIES:

• Perform daily security operation activities
• Develop Information Security plans and policies
• Implement Protections
• Test for vulnerabilities and present findings
• Monitor & Investigate for security breaches
• Work with software development teams to proactively assess risk, address security issues and provide policy guidance
• Drive continuous improvement of response capabilities through automation and critical thinking
• Recommend security enhancements to management
• A strong understanding of endpoint security solutions which includes file integrity monitoring and data loss prevention
• Automate and integrate security tools and activities
• Examine and operationalize new adversary detection methods
• Manage firewalls, web application firewalls and network security.
• Pro-actively engage with all levels of staff within Truworths to advise/inform about IT Security (Consult on Information Security to the business).
• Reporting on the health of the security environment
• Handle any security related incidents and co-ordinate with the various other teams and suppliers

QUALIFICATION(S) AND EXPERIENCE

Qualifications:

• Security or related
• At least 5 years’ experience in an IT Security environment/team

Experience / knowledge:

• Professional experience in security system administration role supporting multiple platforms and applications
• Direct experience with anti-virus software, intrusion detection, firewalls and content filtering
• Knowledge of risk assessment tools, technologies and methods
• Experience designing secure networks, systems and application architectures
• Knowledge of disaster recovery, computer forensic tools, technologies and methods
• Experience planning, researching and developing security policies, standards and procedures
• Resource and Supplier Management

TECHNICAL AND BEHAVIORAL COMPETENCIES 

TECHNICAL 

Essential Competencies:

• Endpoint Security Management
• IPS Management
• Next Generation Firewall Configuration & Management
• Internet Content Gateway Configuration & Management
• VPN Management
• Implementation and management of network access control
• Setup, configuration and management of a corporate DMZ.
• Excellent knowledge of data security concepts and principles.
• Knowledge of cloud security concepts and principles
• Cyber-security incident analysis
• Vulnerability and Patch Management

Advantageous Competencies:

• Email Administration
  • Office365
  • Mimecast Email Security Gateway
• CASB and/or Cloud Security
• Networking background
• MS Active Directory (Domains) & DNS exposure
• Certificate Management
• Experience and understanding of relevant legal and regulatory requirements, such as SOX and PCI; familiarity with regulatory frameworks (e.g. ISO, NIST).
• Strong understanding of enterprise, network, system and application level security issues
• IT Security architecture
• Endpoint Detection and Response Technologies (Next-Gen AV, Threat hunting)

BEHAVIOURAL

• A high level of ownership
• Highest level of Integrity, diplomacy and professionalism
• Reliable and trustworthy
• Sound organisational skills
• Analytical and pragmatic in approach
• Strong ability to multi-task
• Communication skills and confidence
• Ability to interact, negotiate, persuade and influence at various levels of the organisation
• Ability to investigate malware, targeted attacks, intrusion attempts and vulnerabilities