Security Engineer II at The Shoprite Group of Companies

Job Objectives    

•  Provide assurance through collaboration with other stakeholders that all IT platforms meet the organisation’s security requirements.
•  Provide security recommendations.
•  Recommend innovative technologies or other methods that will enhance the security of IT environments.
•  Develop standards, policies and procedures as well as best practices documentation.
•  Translate security and technical requirements into business requirements and communicate security risks to different audiences
• ranging from business leaders to engineers.
•  Influence multi-disciplinary teams in implementing and operating cyber security controls.
•  Work closely with application developers to deliver creative solutions to complex technology challenges and business requirements.
•  Automate security controls, data and processes to provide better metrics and operational support.
•  Stay current on emerging security threats, vulnerabilities and controls.
•  Identify and implement new security technologies and best practices.
•  Identify, investigate, and respond to information security event and work with Digital Forensics and Incident Response teams.
•  Identify new security threats by conducting continual monitoring, vulnerability assessments and log analysis.
•  Assist with installation or processing of new security products and procedures.
•  Monitor networks and systems for security incidents.
•  Understand complex technical issues and managing them within a fast-paced business environment.
•  Conduct proactive research to analyze security weaknesses and recommend appropriate solutions.

Qualifications    
Matric / Grade 12
Diploma/Degree

• Recognised industry certifications in cybersecurity such as CISSP (Essential)
• Academic qualifications in computer science, cybersecurity, or any related field (Desirable)

Experience    

•  At least 5 years of experience in the Information Technology field.
•  At least 3 years of experience and hands-on expertise in cybersecurity.
•  Expertise across a variety of security products including firewalls, EDR, SIEM, WAF, IAM, PAM, DLP and encryption solutions.
•  Knowledge of services related to cloud compute, network, storage, content delivery, administration and security.
•  Good understanding and exposure to Information Security standards, architecture and models.
•  Hands on knowledge of automation and DevSecOps skills.
•  Good understanding of software development principles, including design patterns, code structure, programming languages, continuous integration, continuous deployment, and deployment orchestration.
•  Experience in creating new ways to solve existing production security issues and recommending security enhancements.
•  Experience in Incident Response: including the ability to document, any security threats, resolve technical faults and allocate resources to deliver real solutions in a cost-effective way.

Knowledge and Skills    

•  Required Skills: strong technical skills, including experience with Linux and Windows operating systems, scripting languages, and cloud provider ecosystems.
•  Excellent attention to detail, as they must constantly monitor systems to ensure there are no external threats.
•  Strong problem-solving skills in order to swiftly and deal with threats or flaws in the environment.
•  Skilled in discussing complex security issues in understandable business terms.
•  Detailed knowledge of system security vulnerabilities and remediation techniques.
•  Ability to recommend solutions based on use cases and business requirements.
•  Stay- Abreast with emerging technologies and threats and ability to proactively assess and evaluate the adoption thereof in the organization.
•  The commercial acumen to provide cost-effective security solutions.
•  An enthusiasm for staying up to date with the very latest updates about security threats and solutions.