Cloud Security Engineer

Position: Cloud Security Engineer

Location: Stellenbosch

We are currently seeking a highly skilled and experienced Cloud Security Engineer to join our team on a full-time basis. The ideal candidate will be responsible for designing, implementing, and maintaining secure cloud environments for our clients. This role requires a deep understanding of cloud security best practices and a strong background in cloud infrastructure and architecture.

Minimum of 5 years as a Cloud Security Engineer.

• AWS experience is a must.

Please note that only EE (Employment Equity) candidates will be considered for this position.

To provide cloud security expertise to build out and maintain resilient, scalable, cost effective and high performing Cloud solutions that will assist our banking clirent to become the best bank in the world.
1. Cloud Security Focus
2. Design and build Infrastructure Solutions
3. Implement Infrastructure Designs
4. Maintain infrastructure
1. Cloud Security Focus
Apply cloud security know how to assist in constructing and developing the roadmap pertaining to Cloud technology.
Drive innovation by remaining current with cloud and cloud security technologies in order to enhance products & services offerings to the organisation.
Engage with multiple business units on planned Cloud deployments and investigate deployment and configuration best practices and architectures, focusing on security.
Define and document Cloud standards pertaining to infrastructure and security configurations.
Provide research and advice on industry best practices, technology and tools for consideration in the banking environment
Develop and execute test plans to check technical performance and make recommendations for improvements.
Collaborate with stakeholders to drive continuous Improvement of Cloud Security Posture through automation.
Work closely with Cyber Security, Data Governance and Infrastructure Security teams to ensure the banks cloud environment adheres to regulatory requirements and complies with the banks own security & risk standards.
2. Design and build Infrastructure solutions
Engage with vendors / suppliers / business partners for the design and implementation of cloud security solutions as needed.
Design and build out new cloud security solutions that meet the technical requirements and align with,but not limited to:
Information security and governance frameworks
Regulatory compliance
High availability strategy
Scalability and capacity planning
Review and analyse the cloud security landscape and Improve and optimize current cloud implementations for continuous improvement and the assurance of technical safeguards for requirements.
Responsible for document designs, specifications and implementations for cloud security.
Purpose Statement
Key Performance Areas
Key Tasks and Accountabilities Section 1
3. Implement Infrastructure designs
Apply cloud security technical know-how to:
Create detailed planning and implementation documentation, enhancing current standards and quality.
Prepare hand-over documentation and document support processes to stakeholders.
Liaise with stakeholders to plan the execution of deliverables according to implementation documentation.
Provide technical cloud security support to divisions ensuring effective and efficient handover.
Where required, perform the implementation of more complex deployments.
Responsible for post implementation handover (or implementation) review and learnings for future reference and improvements.
4. Maintain infrastructure
Maintenance of the cloud security infrastructure environment through executing and being responsible for various tasks:
Automating cloud security deployments and testing.
Document Standard Operating Procedures (S.O.Ps) and upkeep of general documentation.
Provisioning of new services and catalogue items.
Ensuring license compliance by auditing current license requirements and plan for future requirements.
System and software compliance using implemented standards, industry standards and best practises within information security and regulatory requirements.
Configuration management using on premise as well as AWS native tools. This will involve creating and maturing standards for new cloud security deployments and estate management
Continuous firmware and security vulnerability improvements.
Create accurate management reporting information with regards to cloud security costs, usage,constraints and risks.
Forecast the growth in cloud security infrastructure requirements. Recording and reporting on current usage as well as trending for future requirements.
Service availability using monitoring and alerting tools.
Perform 3rd level support for the resolution of critical infrastructure related issues.
Participate in knowledge sharing
Minimum:
7+ years experience in Infrastructure, Software Development, DevOps or Security
4+ years design and implementation of highly available, enterprise-scale public Cloud infrastructure.
3+ years in AWS with focus on Security & IAM
Of introducing cloud security technology (start-up) in an environment processes, principles etc.
Design and hands on troubleshooting background on AWS Platform (Azure or GCP will be advantageous).
Experience working in a DevOps environment.
Experience developing and supporting infrastructure and cloud security capabilities for micro services-based architectures.
Key Tasks and Accountabilities Section 2
Key Tasks and Accountabilities Section 3
Experience
Experience working with CI/CD tools.
Experience with authentication and Authorization technologies and protocols (LDAP, Kerberos, AD,OAuth 2.0, OpenID Connect, SAML).
Experience working with scripting and provisioning tools like Terra form, Ansible, Cloud Formation or equivalent.
Ideal:
2+ years in AWS with focus on Networking
Experience in a financial services or banking organisation
Infrastructure security
Experience in engineering data pipelines using Big Data technologies such as Spark, Kafka, Hadoop,Storm, etc.
Experience with ELK, New Relic or similar on Public Cloud Platforms.
Experience with Docker and Kubernetes.
Experience working in a fast paced Agile/Scrum environment (Atlassian Stack).

A relevant tertiary qualification
in
AWS Foundation
or
Cloud Computing
Bachelor's Degree
in
Information Technology
or
Engineering - Other

Minimum:
Basic understanding of at least one high-level programming language (GoLang / .net / Java)
Advanced scripting skills in at least one interpreted language (Bash/Power Shell)
Design and deployment of highly available, enterprise-scale Cloud infrastructure.
Advance knowledge of infrastructure concepts, technologies and patterns. (SDLC, IaC)
Practical, working knowledge of:
Developing and delivering systems on AWS Platforms (Azure or GCP will be advantageous).
Supporting and enhancing build and release processes through automation using a combination of processes and existing tools.
Understanding of Cloud Security technologies and best practices.
Understanding of Networking in Cloud environments.
Ideal:
Previous experience in a Devops role and incorporating security controls in the build process.
Experience in engineering data and/or security log pipelines using Big Data technologies such as Spark, Kafka, Hadoop, Storm, etc.
Understanding of modern software engineering patterns, including those used in highly scalable, distributed, and resilient systems.
Ability to deliver long-term, repeatable IaC solutions that incorporate directly into an overall CI/CD process.
Knowledge of JSON templates, Power Shell, CLIs, Shell, Python.

At DeARX, we value diversity and are committed to creating an inclusive and welcoming workplace for all employees. Join our team and be a part of shaping the future of cloud security.