Senior Security Engineer L4

Contract position

Minimum requirements:

• Bachelor's Degree in IT or similar qualification.
• Certifications in Information Security is required
• CISSP
• CISM
• A minimum of 5 years of experience performing cybersecurity support duties. 
• A minimum of 2 years' experience in at least five of the following: access control systems and methodology; business continuity and disaster recovery planning; risk, response, and recovery; network security architecture; security management practices; audit and monitoring; enterprise and IT risk assessments; incident response management.
• Experience and expertise in managing and administering infrastructure and data systems.
• Experience with standards and best practices such as POPI, GDPR, SOC 2, PCI
  compliance
• Ability to work effectively in a multi-disciplinary, collaborative team environment or
  independently with minimal direction.
• Display high-energy, self-motivation, flexibility and an ability to multitask and prioritize
  demands in a fast-paced environment.
• Must possess a keen attention to detail and an ability to work effectively under pressure,
  and during non-core hours.
• Excellent customer service skills and an ability to clearly explain technical issues to non technical persons.
• Must be able to communicate clearly and professionally via phone, email and in person.
• Must be a very organized individual with the ability to clearly document their work in
  accordance with office procedures.

Tech Skills:

• MFA
• Cisco DUO
• Web Proxy (SASE)
• Netskope
• Sandbox
• Thinkst Canary
• Identity and Access
• Active Directory
• Perimeter and Data Centre Security
• FortiGates/FortiAnalyzer
• Vulnerability Management
• Qualys VMDR
• Vulnerability Management
• Nessus
• Web Application Firewalling
• FortiWeb
• Web Application Firewalling
• CloudFlare
• Jumphost
• ObserveIT
• DLP Classification
• Varonis
• Email Security
• Mimecast
• PAM
• Sailpoint
• Firewall Assurance
• Tufin
  
• Cloud
• Microsoft Azure, AWS
• Endpoint Protection
• Trellix Endpoint Protection
• SIEM
• Trellix, Microsoft Sentinel, Splunk

Responsibilities:

• Analyse, test, troubleshoot and support clients cybersecurity investment.
• Monitor the performance and security of infrastructure, applications and operations with the
  Protects information assets by developing security strategies, directing system access
  control, monitoring, and response.
• Perform system and account administration tasks.
• Contribute to, maintain, and document system architecture, standards, and procedures.
• Adhere to and identify solutions that streamline the internal workflow.
• Maintain the software license register and periodically re-verify existing license validity.
• Assists in Information Security projects to align with organizational strategic objectives,
  goals, and risk tolerance.
  
• Implement and regularly review automated monitoring cybersecurity for all infrastructure
  and application services.
• Maintain detailed infrastructure documentation, including an incident register for all
  cybersecurity incidents & outages.
• Maintain an up-to-date software license register, following pre-defined SOPs.
• Manage real-time infrastructure incidents to minimize operational business impact and
  maximize availability with the relevant cybersecurity service providers.
• Perform preventative and reactive maintenance to ensure required availability of services, in line with business needs, whilst adhering to defined change management principles
• Ensure that the relevant service providers process support requests within SLA.
• Perform system and account administration tasks within SLA.
• Perform project-based activities as directed by the IT project manager.
• Provide detailed & accurate estimates and feedback to the business as required.
  
• Review existing software license allocations to ensure optimal use.
• Review cybersecurity infrastructure and application monitoring for potential improvements
• Produce a monthly dashboard of pertinent security metrics.
• Produce a monthly reporting of pertinent cybersecurity metrics both technical and
  executive.