Information security engineer

Sandton, Gauteng

R 500000 ZA Per annum

Job category: Banking, Finance, Insurance. Stockbroking Contract: Permanent Remuneration: Market Related EE position: Yes Introduction The Security Engineer plays a pivotal role in fortifying the organization's digital infrastructure against cyber threats and vulnerabilities. Tasked with designing, implementing, and maintaining robust security measures, the Security Engineer is essential to ensuring the confidentiality, integrity, and availability of critical systems and sensitive data. Collaborating with cross-functional teams, this role involves conducting risk assessments, vulnerability management, threat hunting, incident response, and staying abreast of the evolving threat landscape. The Security Engineer contributes to the development and enforcement of security policies, educates stakeholders on security best practices, and responds adeptly to security incidents, thereby safeguarding the organization's digital assets and maintaining a resilient security posture. Results Delivery Security Metrics and Reporting: Must develop and execute appropriate and regular reporting on relevant security controls, alerts, incidents and vulnerabilities for management and stakeholders, highlighting potential weaknesses or cyber security related threats within their areas of responsibility Security Architecture: Secure Design Principles: Apply secure design principles to create robust, scalable, and resilient security architectures for both traditional on-premises and modern cloud-based environments. Collaboration with Architects: Work closely with system architects to integrate security controls seamlessly into the overall system design, ensuring a holistic approach to security. Advanced Protection: Implement and manage advanced endpoint protection solutions, leveraging behavioural analysis and threat intelligence to detect and prevent sophisticated malware and other security threats. Policy Enforcement :  Develop and enforce policies for secure configuration of end-user devices, including mobile devices and laptops. Root Cause Analysis: Perform in-depth analysis of security incidents to identify root causes and recommend preventative measures. Incident Triage: Investigate and triage security incidents, determining the severity and potential impact. Response: Take appropriate actions to contain and mitigate security incidents. Continuous Improvement: Conduct post-incident reviews to identify areas for improvement in incident response procedures, ensuring a continuous enhancement of the security incident response plan   Vulnerability Management Assessment and Prioritization: Must conduct Vulnerability Management by performing regular vulnerability assessments, prioritizing vulnerabilities based on risk and potential impact across the network and systems, and work closely with system owners and administrators to remediate identified vulnerabilities in a timely manner Compliance Assurance Conduct regular compliance assessments to verify adherence to security policies, addressing any gaps or non-compliance issues. Security Monitoring Continuous Monitoring: Monitor security alerts and logs using SIEM tools on a daily basis. SIEM Configuration: Configure and manage Security Information and Event Management (SIEM) systems to collect, correlate, and analyze security data from various sources. Threat Intelligence Integration: Collaborate with external threat intelligence sources to stay ahead of potential security risks and incorporate relevant intelligence into security monitoring processes Security Automation Process Optimization: Identify opportunities to automate routine security processes, enhancing efficiency and accuracy in security operations. Orchestration Tools: Implement and maintain security orchestration tools to streamline incident response activities, reducing response times and improving overall effectiveness Security Testing Threat hunting: Conduct appropriate threat hunting within the organisation based on the latest threat intelligence and industry trends noted Breach and attack simulations: Perform (and report on) regular breach and attack simulations using the adopted technologies to identify potential weaknesses or vulnerabilities within the organisation and its security controls   Security research: Threat Intelligence Analysis: Stay abreast of the latest cybersecurity threats and vulnerabilities by actively monitoring threat intelligence sources. Research and Development: Engage in continuous learning and research to identify emerging technologies and trends in cybersecurity. Security Documentation: Security Documentation: Create and maintain comprehensive documentation for security configurations, security standards and procedures Knowledge Sharing: Share security knowledge within the organization through documentation, training, and presentations. Security Compliance Audits: Regulatory Compliance Audits: Participate in regulatory compliance audits, ensuring that the organization meets all necessary security requirements. Audit Remediation: Address findings from compliance audits and work with relevant teams to implement corrective actions. General Ensure consistent results are delivered by delivery and continuous measurement against standards and SLAs Contribute as professional taking responsibility for both agreed to operational and strategic initiatives Manage own delivery against annual delivery plan and set timelines, identify obstacles to delivery and take appropriate action where required Apply cost effectiveness principles in planning and delivery in order to contribute to achievement of divisional budget objectives Ensure that deliverables stay within the agreed project scope, timelines and budget Stakeholder Relationship Management Ensure collaboration with the ISO (Information security Officer, Enterprise Architecture, Solution Architects, Application developers, other ITD teams and other JSE stakeholders. Engage the ITD staff and JSE business stakeholders to drive awareness of information security percept's, services and offerings. Engage the wider South African and International security community (e.g.security groups, approved sources of CTI) to gain understanding of current and emerging information security threats at both a JSE industry and global leve Must manage relevant vendor relationships, including evaluating and selecting vendors for security solutions and managing the vendor's performance. They must ensure that vendors comply with the organization's security policies and procedures, and that they provide high-quality products and services that meet the organization's security requirements. Process Management Must manage security, alerts, incidents and investigations, including analyzing the incident and identifying its root cause, working or escalating with the appropriate team(s) where required to containing the incident to prevent further damage. They must also communicate with internal and external stakeholders, including senior team members, IT teams and incident response teams, to manage the incident and ensure that all parties are informed Participate in the resolution of relevant information security issues in the environment until satisfactory resolution of the end-to-end process Conduct research to be able to lean into the solution design process Engage with information security vendors to ensure a continuous vehicle for keeping up to date with threats and risks Manage and drive out the remediation of security related vulnerabilities in accordance with the JSE Vulnerability Management workflow process Drive compliance with all JSE information security standard operating processes and procedures Must participate in the development, implementation and management of the organization's security policies and procedures, ensuring that the policies and procedures are up-to-date, compliant with applicable regulatory standards, and reflect industry best practices Where possible, ensure all information security objectives for each system and service are executed in a test environment prior to production rollout Provide 1st level support for the operations teams on security related matters Must assist in the development and maintenance of security documentation, such as procedures, standards, and guidelines. They must ensure that the documentation is up-to-date, accurate, and accessible to all employees. They must also review the documentation regularly to ensure that it aligns with the latest security trends and threats and recommend updates as necessary. Must conduct risk assessments to identify potential security risks and vulnerabilities within the organization's IT infrastructure, systems, and applications. They must analyze and evaluate the risks, determine their potential impact on the organization, and develop mitigation strategies to minimize or eliminate the risks Must monitor and maintain the organization's security systems and technologies and security tools. They must ensure that the systems are functioning properly, detect and respond to security incidents in a timely manner, and provide accurate and reliable data for analysis and reporting Must participate in the review and testing of incident response plans that outline the organization's response to security incidents. They must ensure that the plans are well-documented, tested, and updated regularly to address new threats and vulnerabilitiesby participating in incident response exercises to ensure that the organization is prepared to respond to security incidents. This includes tabletop exercises, full-scale exercises, and simulations of real-world security incidents. Must provide guidance on security architecture to ensure that new systems and applications are designed with security in mind. This includes reviewing architecture designs and providing recommendations for security improvements. They must also work with other departments to ensure that security requirements are properly integrated into new system and application development projects Must manage security testing, such as penetration testing and vulnerability scanning, to ensure that the organization is aware of its security risks and is taking appropriate steps to mitigate them. This includes working with vendors and external consultants to conduct testing and reviewing and analyzing test results to identify areas for improvement Conduct regular internal threat assessments to confirm the effectiveness of existing controls, identify potential gaps or weaknesses and remediate where required  Self-Management Improve personal capability and professional growth relating to field of expertise, in line with JSE objectives by discussing development needs and proposed solutions with management Must keep up-to-date with the latest security trends, threats, and vulnerabilities. They must attend industry conferences, participate in online forums, and read industry publications to stay informed about the latest security technologies and best practices. They must also recommend appropriate security measures to senior management based on the latest security trends and threats.  Epitomise living the JSE values, displaying professional conduct and adherence to required technical standards Transformation and Innovation Contribution Stay abreast of current and emerging information security threats and mitigation measures. Analyse, research, develop and implement improvement/innovative ideas and value adding solutions contributing to divisional and JSE objectives Keep abreast of changes in legislation or standards pertaining to information security Qualification in Information Systems (Licenced Penetration Tester (LPT) , Certified ethical hacker (CEH), CC (ISC2)and Comptia Security or equivalent 7 years IT work experience. Must include 5 years Information Security Engineer Knowledge and Skills  Adapting behaviour to meet major changes at work Adapting to a major organisational change Building and maintaining effective relationships with internal and external stakeholders Evaluating resource allocation Investigating and Reviewing Process to introduce efficiencies Problem solving Providing specialist professional advice/opinion Planning information security systems by evaluating network and information security technologies

#J-18808-Ljbffr