Cyber Security Engineer

Location: Rosebank, Johannesburg (Hybrid)
Salary: R1.6m per annum

About the Role:
Opportunity available for a Cyber Security Engineer with expertise in penetration testing and AWS to join our dynamic cybersecurity team. The ideal candidate will be responsible for defending our organization's digital assets against cyber threats by implementing and maintaining security controls, monitoring systems for suspicious activity, and responding to security incidents.

Requirements:
Bachelor’s degree in Computer Science, Information Security, or related field.
Relevant certifications, e.g. CISSP, CEH, CompTIA Security+, CISM, OSCP, AWS Certified Security.
Proven experience in cybersecurity roles, with a focus on blue team operations, incident detection and response, and security monitoring.
Proven experience in conducting penetration tests and vulnerability assessments in complex IT environments.
Strong knowledge of penetration testing tools, techniques, and methodologies, such as Kali Linux, Metasploit, Burp Suite, and Nmap.
Solid understanding of network protocols, operating systems, web applications, and cloud computing environments.
Strong knowledge of cybersecurity technologies, tools, and protocols, including firewalls, IDS/IPS, SIEM, antivirus, and encryption.
Experience with security assessments, vulnerability management, and penetration testing methodologies and tools.
Familiarity with regulatory compliance requirements, such as PCI DSS and the NIST Cybersecurity Framework.
Proven experience in designing, implementing, and managing cybersecurity solutions in AWS cloud environments.
Strong understanding of AWS services, architecture, and security best practices, including AWS Identity and Access Management (IAM), AWS Security Hub, AWS Config, and AWS CloudTrail.
Experience with cloud security controls and compliance frameworks, such as AWS Well-Architected Framework, NIST Cybersecurity Framework, and CIS Benchmarks.
Familiarity with cloud-native security tools and services, such as AWS GuardDuty, AWS Inspector, AWS WAF, and AWS Shield.
Knowledge of network security, encryption, identity management, authentication, and authorization concepts in cloud environments.

Responsibilities:
Implement and manage security technologies and controls, including firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint protection, and security information and event management (SIEM) solutions.
Monitor security alerts and logs to identify and investigate potential security incidents, anomalies, and indicators of compromise (IOCs).
Perform security assessments, vulnerability scans, and penetration tests to identify and remediate security weaknesses and gaps in the organization's infrastructure and applications.
Develop and maintain incident response plans, procedures, and playbooks to ensure a timely and effective response to security incidents.
Coordinate with cross-functional teams, including IT operations, network engineering, and application development, to implement security best practices and ensure the integrity, confidentiality, and availability of information assets.
Conduct security awareness training and workshops for employees to promote a culture of security awareness and ensure compliance with security policies and procedures.
Conduct comprehensive penetration tests on systems, networks, and applications to identify security vulnerabilities and weaknesses.
Develop and execute penetration testing strategies, methodologies, and procedures to simulate real-world cyber attacks.
Analyse penetration test results and generate detailed reports outlining findings, risks, and recommended remediation actions.
Collaborate with cross-functional teams to prioritize and address identified security issues, ensuring timely resolution.
Design and implement security controls, configurations, and solutions to mitigate risks and enhance overall cyber security posture.
Provide technical expertise and guidance to internal stakeholders on cyber security best practices, standards, and compliance requirements.
Conduct security assessments and audits of third-party vendors, partners, and suppliers to ensure compliance with security standards and contractual obligations.
Assist in the development and maintenance of cyber security policies, procedures, and documentation.
Stay informed about emerging cyber threats, vulnerabilities, and attack techniques through threat intelligence sources, security advisories, and industry publications.
Participate in security incident response activities, including incident triage, containment, eradication, and recovery, to minimize the impact of security breaches.
Collaborate with external partners, such as vendors, consultants, and law enforcement agencies, to address cybersecurity challenges and enhance the organization's security posture.
Document security incidents, investigations, findings, and remediation actions in accordance with regulatory requirements and internal policies.
Design, implement, and maintain security controls and configurations within AWS environments to ensure the confidentiality, integrity, and availability of data and resources.
Perform security assessments, audits, and reviews of AWS infrastructure, services, and configurations to identify vulnerabilities, weaknesses, and compliance gaps.
Develop and implement security policies, procedures, and standards for AWS environments in alignment with industry best practices, regulatory requirements, and organizational policies.
Configure and manage AWS security services, such as Identity and Access Management (IAM), Security Groups, Network Access Control Lists (NACLs), Key Management Service (KMS), and CloudTrail.
Monitor AWS environments for security incidents, anomalies, and suspicious activities using cloud-native security tools and third-party solutions.
Conduct security incident response and forensic investigations in AWS environments, including incident detection, analysis, containment, eradication, and recovery.
Collaborate with cross-functional teams, including DevOps, IT operations, and development teams, to integrate security controls and practices into the software development lifecycle (SDLC) and infrastructure-as-code (IaC) processes.