Security Engineer III - Brackenfell at Shoprite Group of Companies

Purpose of the Job    

• The purpose of the Lead Security Engineer is to provide AWS cloud security expertise and will be responsible for the implementation of system-specific security controls and security overlays necessary to ensure the resilience of the AWS security posture. This role is part of a larger team dedicated to cloud-based management and security. As a Lead Security Engineer, this role is also responsible for the development and execution of highly complex, large-scale cyber security initiatives and requires a professional who is comfortable taking decisions and dealing with a range of problem-solving challenges and can work in a fast-paced environment and has a clear passion for cybersecurity and related technologies. 

Job Objectives    

• Provide assurance to meet the organization's security requirements in the cloud. 
• Provide security recommendations on cloud-based data security. 
• Manage AWS cloud security activities relating to business continuity, disaster recovery, auditing, risk management, vulnerability assessments, and cybersecurity and incident management 
• Optimize and implement the automation of security controls, data and processes. 
• Effectively manage cloud-based APIs to write network/system level tools for securing cloud environments.  
• Ensure secure-cloud configurations to optimize security infrastructure through various cloud security services (CloudTrail, AWS Config, etc.), technologies (VPC, Security Groups, etc.) and cloud-permission systems (IAM). 
• Manage cloud access by defining, writing or implementing IAM (Identity and Access Management) policies and technologies to secure production and corporate access, such as: SSO, SAML. 
• Define and implement appropriate policies for AWS security solutions for Shoprite Group IT Teams.
• Manage the configuration and administration for AWS Control Tower, KMS (Key Management Service), Secrets Manager, Certificate Manager, etc. 
• Conduct research on new technologies and processes, and stay abreast emerging security threats, vulnerabilities and controls. 
• Design, assess, and implement security groups, NACLs (Network Access Control Lists). 
• Develop and optimize cloud security standards, policies and procedures as well as best practices. 
• Manage and optimize security remediation plans and processes through effective system scan reviews to identify security vulnerabilities, manage and prevent future recurrence. 

Qualifications    

• Diploma / Degree in computer science, security, or any related field 
• Recognized industry certifications in cloud security such as CCSP, AWS Certified Solutions Architect – Associate, AWS Certified Security - Specialty

Experience    

• +5 years of experience in cloud technology, with solid hands-on expertise in AWS cloud security. 
• In-depth knowledge of AWS security offerings. 
• In-depth knowledge of services related to cloud computing, network, storage, content delivery, administration and security, deployment and management, automation technologies.   
• Experience with open-source software security. 
• Solid knowledge of internet & network protocols with PKI, SSL, SSH etc. and deep packet inspection. 
• Experience in Incident Response including the ability to document any security threats, resolve technical faults and allocate resources to deliver real solutions in a cost-effective way. 

Expertise in technical and business environment, familiarity with cloud security standards, to include:

• Linux 
• Microservices 
• Maven 
• Lambda 
• CloudWatch 
• CloudTrail 
• Amazon Inspector 
• GuardDuty 
• Config 
• KMS 
• AWS Macie 
• Container Security 

Advanced understanding in one or more of the following areas: 

• Platform Security 
• Cloud Computing Security 
• Data Security 
• Network Security 
• Security Assessment 
• Security Incident Response, and 
• Security Compliance Audits 

Knowledge and Skills    

• Strong technical aptitude with a passion and excitement for advanced security engineering systems, innovative technologies and solutions for security threats and its range of possibilities and applications, with a commercial understanding of  cost-effective security solutions. 
• Excellent problem-solving skills – Able to collect, organise and assimilate disparate, multiple and highly complex security threats or flaws within an environment to swifty arrive at solutions.  
• High level of self-motivation and drive to meet and exceed on goals and expectations and engage and energise others to deliver on expectations. Comfortable taking decisions and dealing with a range of problem-solving challenges independently.  
• Detailed, organised and quality focused – Has an affinity for detail, structure and efficiency, balancing planning and execution. Is diligent and vigilantly watches over work processes, tasks and outputs to ensure accuracy while independently actioning and correcting any quality concerns.
• Strong communication skills – Is able to confidently explain and simply complex IT security concepts and their real-world advantages/disadvantages to a diverse business audience.  
• Collaborative partner - Works effectively across functions and as part of a multi-disciplinary team. Is collaborative and able to build sound, professional relationships with internal and external stakeholders.  
• Ability to work under pressure and under tight time constraints, efficiently prioritising workloads, balancing multiple and competing priorities and managing time effectively in a high-volume, fast-moving environment. Enjoys challenging work and has the proven ability to effectively adapt to and manage change. 
• Is curious and adaptable, finds agile and rapid ways of answering business questions and implementing solutions fast.