Job category: Banking, Finance, Insurance, Stockbroking
Contract: Permanent
Remuneration: Market Related
EE position: Yes
Introduction
The Security Engineer plays a pivotal role in fortifying the organization's digital infrastructure against cyber threats and vulnerabilities. Tasked with designing, implementing, and maintaining robust security measures, the Security Engineer is essential to ensuring the confidentiality, integrity, and availability of critical systems and sensitive data. Collaborating with cross-functional teams, this role involves conducting risk assessments, vulnerability management, threat hunting, incident response, and staying abreast of the evolving threat landscape. The Security Engineer contributes to the development and enforcement of security policies, educates stakeholders on security best practices, and responds adeptly to security incidents, thereby safeguarding the organization's digital assets and maintaining a resilient security posture.
Results Delivery
Security Metrics and Reporting:
- Must develop and execute appropriate and regular reporting on relevant security controls, alerts, incidents and vulnerabilities for management and stakeholders, highlighting potential weaknesses or cyber security related threats within their areas of responsibility.
Security Architecture:
- Secure Design Principles: Apply secure design principles to create robust, scalable, and resilient security architectures for both traditional on-premises and modern cloud-based environments.
- Collaboration with Architects: Work closely with system architects to integrate security controls seamlessly into the overall system design, ensuring a holistic approach to security.
- Advanced Protection: Implement and manage advanced endpoint protection solutions, leveraging behavioural analysis and threat intelligence to detect and prevent sophisticated malware and other security threats.
- Policy Enforcement: Develop and enforce policies for secure configuration of end-user devices, including mobile devices and laptops.
- Root Cause Analysis: Perform in-depth analysis of security incidents to identify root causes and recommend preventative measures.
- Incident Triage: Investigate and triage security incidents, determining the severity and potential impact.
- Response: Take appropriate actions to contain and mitigate security incidents.
- Continuous Improvement: Conduct post-incident reviews to identify areas for improvement in incident response procedures, ensuring a continuous enhancement of the security incident response plan.
Vulnerability Management:
- Assessment and Prioritization: Must conduct Vulnerability Management by performing regular vulnerability assessments, prioritizing vulnerabilities based on risk and potential impact across the network and systems, and work closely with system owners and administrators to remediate identified vulnerabilities in a timely manner.
Compliance Assurance:
- Conduct regular compliance assessments to verify adherence to security policies, addressing any gaps or non-compliance issues.
Security Monitoring:
- Continuous Monitoring: Monitor security alerts and logs using SIEM tools on a daily basis.
- SIEM Configuration: Configure and manage Security Information and Event Management (SIEM) systems to collect, correlate, and analyze security data from various sources.
- Threat Intelligence Integration: Collaborate with external threat intelligence sources to stay ahead of potential security risks and incorporate relevant intelligence into security monitoring processes.
Security Automation:
- Process Optimization: Identify opportunities to automate routine security processes, enhancing efficiency and accuracy in security operations.
- Orchestration Tools: Implement and maintain security orchestration tools to streamline incident response activities, reducing response times and improving overall effectiveness.
Security Testing:
- Threat hunting: Conduct appropriate threat hunting within the organisation based on the latest threat intelligence and industry trends noted.
- Breach and attack simulations: Perform (and report on) regular breach and attack simulations using the adopted technologies to identify potential weaknesses or vulnerabilities within the organisation and its security controls.
Security research:
- Threat Intelligence Analysis: Stay abreast of the latest cybersecurity threats and vulnerabilities by actively monitoring threat intelligence sources.
- Research and Development: Engage in continuous learning and research to identify emerging technologies and trends in cybersecurity.
Security Documentation:
- Create and maintain comprehensive documentation for security configurations, security standards and procedures.
- Share security knowledge within the organization through documentation, training, and presentations.
Security Compliance Audits:
- Participate in regulatory compliance audits, ensuring that the organization meets all necessary security requirements.
- Address findings from compliance audits and work with relevant teams to implement corrective actions.
General:
- Ensure consistent results are delivered through continuous measurement of delivery against standards and SLAs.
- Contribute as a professional, taking responsibility for both agreed operational and strategic initiatives.
- Manage own delivery against annual delivery plan and set timelines, identify obstacles to delivery and take appropriate action where required.
- Apply cost effectiveness principles in planning and delivery in order to contribute to achievement of divisional budget objectives.
- Ensure that deliverables stay within the agreed project scope, timelines and budget.
Stakeholder Relationship Management
- Ensure collaboration with the ISO (Information Security Officer), Enterprise Architecture, Solution Architects, Application developers, other ITD teams and other JSE stakeholders.
- Engage the ITD staff and JSE business stakeholders to drive awareness of information security precepts, services and offerings.
- Engage the wider South African and International security community (e.g. security groups, approved sources of CTI) to gain understanding of current and emerging information security threats at both a JSE industry and global level.
- Manage relevant vendor relationships, including evaluating and selecting vendors for security solutions and managing the vendor's performance.
Process Management
- Manage security alerts, incidents and investigations, including analyzing the incident and identifying its root cause.
- Participate in the resolution of relevant information security issues in the environment until satisfactory resolution of the end-to-end process.
- Conduct research in order to contribute effectively to the solution design process.
- Engage with information security vendors to ensure a continuous vehicle for keeping up to date with threats and risks.
- Manage and drive out the remediation of security related vulnerabilities in accordance with the JSE Vulnerability Management workflow process.
- Drive compliance with all JSE information security standard operating processes and procedures.
- Participate in the development, implementation and management of the organization's security policies and procedures.
- Ensure all information security objectives for each system and service are executed in a test environment prior to production rollout.
- Provide 1st level support for the operations teams on security related matters.
- Assist in the development and maintenance of security documentation, ensuring that it is up-to-date, accurate, and accessible to all employees.
- Conduct risk assessments to identify potential security risks and vulnerabilities within the organization's IT infrastructure, systems, and applications.
- Monitor and maintain the organization's security systems and technologies and security tools.
- Participate in the review and testing of incident response plans that outline the organization's response to security incidents.
- Provide guidance on security architecture to ensure that new systems and applications are designed with security in mind.
- Manage security testing, such as penetration testing and vulnerability scanning.
- Conduct regular internal threat assessments to confirm the effectiveness of existing controls.
Self-Management
- Improve personal capability and professional growth relating to field of expertise, in line with JSE objectives.
- Keep up-to-date with the latest security trends, threats, and vulnerabilities.
- Recommend appropriate security measures to senior management based on the latest security trends and threats.
- Epitomise living the JSE values, displaying professional conduct and adherence to required technical standards.
Transformation and Innovation Contribution
- Stay abreast of current and emerging information security threats and mitigation measures.
- Analyse, research, develop and implement improvement/innovative ideas and value adding solutions contributing to divisional and JSE objectives.
- Keep abreast of changes in legislation or standards pertaining to information security.
- Qualification in Information Systems (Licensed Penetration Tester (LPT), Certified Ethical Hacker (CEH), CC (ISC2) and CompTIA Security or equivalent).
- 7 years IT work experience.
- Must include 5 years as an Information Security Engineer.
Knowledge and Skills
- Adapting behaviour to meet major changes at work.
- Adapting to a major organisational change.
- Building and maintaining effective relationships with internal and external stakeholders.
- Evaluating resource allocation.
- Investigating and reviewing processes to introduce efficiencies.
- Problem solving.
- Providing specialist professional advice/opinion.
- Planning information security systems by evaluating network and information security technologies.