Security EngineerwePlace • Pretoria, South Africa
Security Engineer
wePlace • Pretoria, South Africa
30+ days ago
Job descriptionAWS Well Architected Framework Trusted Advisor GuardDuty / SCP / SSM / IAM / WAF Container services such as ECS / EKS Incident detection and response management. Performing penetration tests and vulnerability scans against networks and infrastructure, applications and AWS environments. Drafting and implementing security policies, security procedures, security design and implementation. ISO 14971 (risk management) compliance ISO 27032 (cybersecurity) compliance SOC2 Type 2 (with HiTrust attestation) or HiTrust experience (or equivalent) Deep understanding of automation, quality engineering, architectural methodologies, principles, and solution design. Familiarity with operational observability, including log aggregation, application performance monitoring, etc. Understanding of the following : Linux / Windows server and application administration and configuration, networking, scripting and automation, large scale distributed computing architecture. Solid knowledge of IT security (firewalls, EDR, IDS / IPS, SOAR, vulnerability scanning forensic and Threat Hunting). Understanding of AWS ECS & Kubernetes and Containerisation (Docker / Podman / Containerd) with implementation, support, and design. Knowledge in security classification frameworks like MITRE or the cyber-attack kill chain. Good knowledge and understanding of industry standards, memberships, and frameworks such as CIS and SOC 2. Drive development standards and processes related to cybersecurity compliance. Monitor all cybersecurity processes, operations and infrastructure, monitoring internal and external policy and regulatory compliance. Review and evaluate development designs (for existing products and during design phase for new products) to identify gaps in cybersecurity controls, and drive updates to any cybersecurity or compliance documentation. Liaise with internal and external stakeholders to prepare for SOC2 Type 2 and HiTrust). Drive cybersecurity audit strategy and readiness from a dev, security and devops perspective. Identify, implement and maintain all security tools and technology. Schedule (and ideally automate) internal vulnerability scans, remediating findings and ensuring accurate & timely reporting to satisfy PCI DSS requirements. Schedule annual Penetration Tests with external supplier(s) and ensure implementation of items identified in remediation plans. Complete required cybersecurity applications and records for large customers and audits, including reporting as required. Drive and action where required the planning, installation, monitoring and maintenance of IT systems and infrastructure focused on cyber security including any penetration testing that is required. Design and execute short- and long-term initiatives to detect and prevent any security vulnerabilities in the IT infrastructure (cloud, security and devops) to meet current and future needs. Develop, execute and oversee procedures, policies and related training plans for cybersecurity project management and infrastructure administration. Conduct research and recommend changes in services, products, protocols, and standards to support development efforts and infrastructure procurement. Define software and hardware security standards in collaboration with stakeholders and owners for the provisioning of the development and IT infrastructure. Ensure appropriate security levels on network, infrastructure and servers are maintained, ensuring that the IT team follows the requirements set in line with cybersecurity standards. Implement cybersecurity continuous improvement programs. Crisis management - keeping stakeholders informed and actively working with teams to return service in the shortest possible time frame. This would include documenting all disaster recovery procedures. Effective management and optimisation of vendors (where applicable) as well as collaborating with the dev and IT teams as necessary. Collaborate with divisional the RAQA team and Senior ManagersManagerst to define and centralize risks and put mitigation measures in place for new and existing products and services, from a cybersecurity and privacy perspective. Improve the automation of security controls. Work closely with the dev team on defining industry-standard processes and system requirements, identifying and proposing fixes to shortcomings in the development lifecycle, code reviews and scanning as well as infrastructure provisioning. Work with the dev team to ensure that security standards and policies are being set up and configured correctly, ensuring adherence to certifications and best-practice. Assist with remediations on risk items identified from security and preventative detection reviews to ensure compliance and ensure the security posture of the IT landscape is ensured at all times. Remediate audit items by putting measures in place to prevent the recurrence of findings. For example, by making sure that audit findings are resolved by the relevant personnel and that the resolutions are such that they prevent the item from reoccurring in the future. Manage internal and external audits as required with relation to cybersecurity. Maintain documentation for cybersecurity-related risks, processes and findings. Manage annual cybersecurity roadmap, IT audit (internal and external) plan and calendar. Work closely with the Compliance team to gather and submit evidence for all security and IT audits. Proactively keep stakeholders updated on status, progress, risks and problems. Review and approve documented outcomes of Penetration Tests, Remediation Plans and required activities. Review and approve documented outcomes of Vulnerability Scans, Remediation Plans and required activities. Maintain cybersecurity documents and records in line with certification requirements. Maintain document bank and matrix for the cybersecurity setup and external customer-audit matrix requests. For example, ensuring that all cybersecurity related information, such as architectural diagrams, asset lists, asset control lists and vulnerabilities, can be referenced from a single central source from which to direct the readers to the appropriate resources.
Job Purpose :
Responsible for company-wide cybersecurity and related documents, process and record management to ensure that systems and products are safe and effective. Ensures data integrity, and that information is kept accurate and consistent unless authorized changes are made (and documented), and that confidentiality is upheld by protecting information from unauthorized access. Responsible for cybersecurity compliance and training throughout the Company.
As the IT Security Engineer, you'll support the company by taking the lead on cybersecurity and working with the team to perform ongoing operations, administration, and development of security systems, as well as implementing fixes that would protect their systems. You will continuously work towards high confidence and high accuracy detection rules leveraging abnormal or suspicious events.
Minimum education (essential) :
Engineering degree (Computer, Software, Mechanical or Electronic
Minimum education (desirable) :
- OSCP (Offensive Security Certified Professional)
- PNPT (Practical Network Penetration Tester)
- CISSP (Certified Information Systems Security Professional)
- CCSP (Certified Cloud Security Practitioner)
Minimum applicable experience (years) :
AWS' ecosystem :
The following would be advantageous :
Skills and Knowledge (essential) :
Cybersecurity Management 40%
Infrastructure Management 30%
Risk Management and Compliance 20%
QMS and Documentation 10%
2 days work-from-home in line with Company Policy (only applicable after probation is successfully passed).
Should you not receive a response from us within one week of your application, your application has unfortunately not been successful.
Create a job alert for this search
Security Engineer • Pretoria, South Africa
Related jobs
%20Ltd%20-%20JHB)
%20Ltd)
%20Ltd)
Cybersecurity Management (40%).Develop and maintain security standards and processes to support compliance requirements.Oversee cybersecurity operations and ensure alignment with internal policies ...Show more%20Ltd)
We are seeking a technically proficient Security Analyst with 2 to 3 years of experience, focused on securing systems, applications, and infrastructure.
The ideal candidate will have hands-on experi...Show more
Security Software Developer
E&D Recruiters • Pretoria, South Africa
Electronic Engineering) or BEng / BSc (Computer Engineering) or Computer Science.Experience writing software in C and C++ for embedded platforms.
Experience or knowledge in communications security and...Show more
Last updated: 16 days ago • Promoted
Electrical & Instrumentation Engineer
Assign Services (Pty) Ltd - JHB • Kempton Park, South Africa
A Tissue manufacturing company in Spartan Kempton Park is seeking a highly capable.Electrical and Instrumentation Engineer.
This role will be reporting to the.Engineering and Maintenance manager.Res...Show more
Last updated: 30+ days ago • Promoted
SHEQ Manager
Chainlink SA • Kempton Park, South Africa
We are seeking a strategic, results oriented SHEQ Manager to lead our Safety, Health, Environment & Quality function.The successful candidate will design and implement an integrated SHEQ management...Show more
Last updated: 30+ days ago • Promoted
AWS Developer Cryptography (Senior)
Khonology (Pty) Ltd • Randburg, GP, ZA
The Cloud Security Engineer is responsible for designing, building, and maintaining secure, scalable cloud infrastructure primarily on AWS, with integration across Azure environments.This role ensu...Show more
Last updated: 30+ days ago
Azure Data Engineer
Dina Gates Recruitment (Pty) Ltd • Kempton Park, South Africa
We are seeking a skilled Azure Data Engineer with a minimum of 2 years of experience to join our dynamic data team.The ideal candidate will have a strong background in SQL, Microsoft Azure, data wa...Show more
Last updated: 30+ days ago • Promoted
Mine Mechanical Design Engineer (Autodesk Inventor), Kempton Park
Rakkgalakane • Kempton Park, South Africa
Degree in Mechanical Engineering.Ability to work in multidisciplinary project teams.Finite Element Analysis (FEA) tools.Background in fabrication and manufacturing of Mine beneficiation equipment.E...Show more
Last updated: 30+ days ago • Promoted
Security Engineer
AiR • Pretoria, South Africa
Remote
Last updated: 25 days ago
Specialist â Cyber Security Assurance
A 1L Realization (Pty) Ltd • Midrand, South Africa
Key Skills and Qualifications : .Minimum of 3 years in penetration testing or ethical hacking.Strongly preferred certifications like.
Offensive Security Certified Professional),.Certified Information ...Show more
Last updated: 30+ days ago • Promoted
Hardware Firmware Design Engineer (Centurion)
Datafin IT Recruitment • Pretoria, South Africa
A world-class Security Specialist in Centurion seeks the technical expertise of a Hardware Firmware Design Engineer who is proficient in Firmware development (HDL compiled for FPGAs), Hardware deve...Show more
Last updated: 30+ days ago • Promoted
NOC Engineer
Network Recruitment • Centurion, South Africa
Monitor Field Team groups for escalations and assistance requests.Collaborate with Tier 4 Engineers for advanced troubleshooting and issue resolution.
Provide alerts on nodes experiencing.Optimize n...Show more
Last updated: 16 days ago • Promoted
Manufacturing Process Engineer
Staff Solutions Recruitment • Rosslyn, South Africa
To ensure the cold joining process holistically is monitored and controlled on all hang on assembly parts in conjunction with geometry and hot joining technologies conforming to all customer specif...Show more
Last updated: 30+ days ago • Promoted
Technical Support Manager (Engineer / Electrician)
Telebest • Benoni, South Africa
Red seal certification or higher (Wireman's advantageous).Bachelor of Engineering (BEng) / BEng Tech / BEng Electrical Engineering.
Proficiency in solar design software.Minimum 3 years' experience i...Show more
Last updated: 30+ days ago • Promoted
IT Systems Engineer (Moodle, Security & Integrations)
Praesignis • Centurion, ZA
Job title : IT Systems Engineer (Moodle, Security & Integrations).Job Location : Gauteng, Centurion.We’re looking for a versatile and experienced Senior IT Systems Engineer to lead and support our ...Show more
Last updated: 10 days ago • Promoted
Process Engineer
Profile Personnel • Rosslyn, South Africa
We are seeking a Process Engineer to lead continuous improvement and ensure world-class quality in automotive production.
Drive continuous improvement initiatives to enhance product quality and proc...Show more
Last updated: 30+ days ago • Promoted
Security Engineer
The Hiring House • Pretoria, South Africa
Risk Management and Compliance.Engineering degree (Computer, Software, Mechanical or Electronic).Minimum education (desirable) : .
OSCP (Offensive Security Certified Professional).PNPT (Practical Netw...Show more
Last updated: 30+ days ago • Promoted
Security Analyst (M365 & AWS)
Sabenza IT & Recruitment • Roodepoort, GT, za
Quick Apply
Last updated: 6 days ago
Cyber Security Assurance : Midrand
Optimal Growth Technologies • Midrand, South Africa
Specialist Cyber Security Assurance.Reporting to of Manager Cybersecurity & Assurance as the.Manage the Security and Privacy by Design Assurance (SPDA) processes.
Ensure that all projects follow...Show more
Last updated: 30+ days ago
Process Engineer
Staff Solutions Recruitment • Rosslyn, South Africa
To ensure the geometrical process holistically is monitored and controlled on all hang on assembly & press parts in conjunction with cold and hot joining technologies conforming to all customer...Show more
Last updated: 30+ days ago • Promoted