Cyber Security Engineer

Key purpose:

As a Cyber Security Engineer, you will work in partnership with other departments to develop and implement secure solutions for our websites. You'll be responsible for the design and implementation of a number of key technologies including SSL certificates, Content Security Policy (CSP), cross-site scripting (XSS) protection, app performance monitoring tools, etc. You should have good knowledge of client side web application security concepts and practices. Knowledge of JavaScript is beneficial but not required as we may leverage third party libraries such as jQuery or VueJS for the frontend part of some projects.

Experience with Open Source frameworks like NodeJS is also preferred but not required if there are no plans to utilize it within the organization.

Duties and responsibilities:

• Ensure daily management, administration & maintenance of security devices to achieve operational effectiveness
• Quickly resolve any security devices system failures and troubleshoots issues with the OEM
• Research Cybersecurity Technologies and keep abreast of trends and standards
• Provides advice on technical aspects of Cybersecurity solution development and integration (including management of security infrastructure changes, deviations from specifications, etc)
• Support the implementing and operate the processes to support the Security Operations Framework and highlight the challenges in managing the SLAs with the Managed Security Service Provider (MSSP)
• Manage and collaborate on security incidents through to resolution between security operations and the Regional Security Officers (RSOs)
• Review and analyse reports, dashboards, metrics to support SOC operations. Suggest and implement remediation actions where needed
• Obtains vulnerability information and co-ordinates remediation efforts with the Regional Security Officers (RSOs)
• Ensuring that the MSSP incident response activities are conducted in accordance with the organization approved policies and procedures, appropriate to the severity and risk of the incident
• Take proactive actions to prevent an information security incident from occurring or escalating, where possible
• Perform and support any Cyber Security activities to enhance the Cyber Security posture for the organization Cybersecurity Center of Excellence
• Is able to analyze security vulnerabilities, weaknesses, and attack vectors on websites
• Fosters a culture of information security through a structured process for identifying, prioritizing, and responding to security needs across the organization

Qualifications and experience:

• Matric
• Degree (preferable)
• Current Industry certification in Information Security, Cyber Security and Cloud Security
• Current Industry certification in Cloud Security Platforms (AWS, Microsoft Azure)
• 5 working years experience in Cyber Security Operations
• 5 working years experience in engaging with a Managed Security Service Provider (MSSP)
• Technical and working experience in a manufacturing or Pharmaceutical industry (advantageous)
• Business Process Management Methodology (i.e., BPM, SDLC, ITIL, DevOps, Agile, COBIT)
• Experience in sound understanding in various application development software from a plan, build and run perspective
• Proven technical experience in managing Cloud platform Security from a plan, build and run perspective
• Experience in a computer security or IT environment
• Must have knowledge of Windows, Linux, Mac OS X and other operating systems; networking and security; code review and coding techniques; network administration and troubleshooting skills